NEWWorld's first AI visibility audit tool for Web3 is live.Run free audit →
CompareAboutCustomersPartnersPressStatusDocsSign Up
Audit module · 06 · Opinion + Tool

Generic backlink tools penalize the strongest Web3 authority signals.

Ahrefs DR and Semrush AS were built for SaaS and content sites. Applied to crypto, they recommend disavowing the very links AI search uses to verify protocols. The rubric and audit module below fix that.

Read the rubric
Web3 Backlink Toxicity Rubric v16 scoring dimensionsFree reference, open methodology

By the numbers

~40%of backlinks Ahrefs flags as "low quality" on a typical Web3 site are actually crypto-native authority sources mis-categorized.Illustrative figure based on TG3 client audit patterns
6scoring dimensions in the Web3 Backlink Toxicity Rubric. Each link is evaluated on all six before a verdict is issued.See the full rubric below
3 minsaverage time the toxicity module takes to score a typical Web3 site's full backlink profile end-to-end.Median across audits with under 10k referring domains
// The argument

Why Domain Rating fails on Web3

Domain Rating and Authority Score are remarkable tools. They compress the link graph into a single number that correlates well with ranking ability for most of the open web. The problem is what "most of the open web" excludes.

The link graph these models were trained on is overwhelmingly mainstream content: news, e-commerce, SaaS, blogs. The authority signals they recognize are PageRank flows from trusted hubs in those niches.

When a Web3 protocol gets linked from DefiLlama, CoinGecko, Etherscan, GitHub or an audit firm PDF, the generic models see the surface pattern and downgrade them.

DefiLlama looks like a directory site. Etherscan looks like a tool. GitHub looks like a code host. Audit firm PDFs look like third-party documents on shared servers.

None of those surface readings are wrong. They are just not what the link means in crypto.

"We built our backlink profile carefully over two years. Then a generic SEO tool told us 30% of our most cited references were low-quality referrers. We almost disavowed our DefiLlama, Etherscan and audit firm citations before realizing those were the links AI search was actually using to verify us."

Source: composite quote from several TG3 client conversations

Three patterns generic tools get wrong

Pattern 01

Crypto-native authority undercounted

A backlink from defillama.com/protocol/[name] is one of the strongest external signals a DeFi protocol can have. AI models read TVL, fees and audits from it.

Pattern 02

Audit firm PDFs treated as documents

Trail of Bits, OpenZeppelin, Quantstamp and CertiK audit PDFs are YMYL trust signals. Generic models see "PDF on subdomain" and downgrade them.

Pattern 03

PBN clusters vs aggregators conflated

50 cloned sites with identical templates is a PBN. A legitimate crypto news aggregator looks similar in DR scoring. The signal is in operator pattern, not page pattern.

The rubric below is the alternative

The Crawlux Web3 Backlink Toxicity Rubric scores every backlink across six dimensions tuned for crypto. It explicitly recognizes 80+ crypto-native authority domains, distinguishes editorial from sponsored placements on major crypto media plus treats cross-chain and multi-protocol referrers as legitimate signals rather than spam patterns.

The rubric is open. We publish it here so SEO consultants and protocol teams can use it even without buying the audit. The audit module just runs it across your full backlink profile in three minutes and outputs a prioritized disavow list with reasoning.

// The rubric

Web3 Backlink Toxicity Rubric v1

Every backlink scored across six dimensions on a 0-100 scale. A weighted average produces the link verdict. Open methodology, free to use, audit firm citations welcome.

01 · Source category

25% weight
  • Authority (90-100): DefiLlama, CoinGecko, CoinMarketCap, Etherscan, GitHub, Wikipedia, audit firm domains
  • Editorial crypto media (70-89): CoinDesk, The Block, Decrypt, Bankless, Defiant editorial pieces
  • Neutral (40-69): General tech blogs, Substacks, podcasts
  • Suspicious (10-39): Auto-generated press release republishers, low-traffic forums
  • Toxic (0-9): Identifiable PBN signatures, cloaked link farms

02 · Web3-native trust

20% weight
  • +30 pts: source has its own crypto-native authority (e.g. CoinGecko entity match for the linked protocol)
  • +20 pts: source is on the rubric's recognized 80+ crypto-native authority list
  • +10 pts: source is a verified validator, builder or grantee in a major ecosystem
  • 0 pts: no crypto-native trust signal

03 · Anchor pattern

15% weight
  • Natural (80-100): brand name, naked URL, or topical phrase
  • Mixed (50-79): brand + occasional keyword anchor
  • Over-optimized (20-49): same exact-match keyword anchor across many referrers
  • Manipulated (0-19): paid keyword anchors at scale, or anchors targeting unrelated keywords

04 · Link velocity

15% weight
  • Steady (80-100): gradual link acquisition matching site growth
  • Event-aligned (60-79): spikes around known events (token launch, audit publication, PR cycle)
  • Spike (30-59): sharp spike with no corresponding event
  • Burst (0-29): dozens of links from one operator pattern in 24 hours

05 · Operator pattern

15% weight
  • Distinct operators (80-100): referring domains have unrelated WHOIS, hosting, design and content
  • Light overlap (50-79): shared hosting or template across 2-3 referrers, not a PBN signature
  • Cluster signature (20-49): 5+ referrers sharing template, hosting, or outbound link profile
  • Clear PBN (0-19): identifiable network of cloned sites with single operator

06 · Topical relevance

10% weight
  • Tight match (80-100): source covers crypto, finance, the specific chain, or category
  • Adjacent (50-79): tech, fintech, software, regulation
  • Loose (20-49): general business or generalist content
  • Off-topic (0-19): completely unrelated niche (gambling, pharma, dating)

Final score = weighted average. 70+ keep · 30-69 review · <30 disavow candidate.
Rubric is open: cite as "Crawlux Web3 Backlink Toxicity Rubric v1" with link to this page.

// What an audit finding looks like

A typical backlink toxicity finding

Each link reaches the report with its rubric scores and a recommended action. Here is a representative finding from a DeFi protocol audit.

● MEDIUMFinding 09 of 17 · Backlink Toxicity
23 referring domains · cluster signature

Cluster signature: 23 referring domains share PBN markers

A cluster of 23 referring domains was detected. The volume from a single operator is the issue, not anchor text or individual page quality.

  • Identical WordPress theme across all 23 domains
  • Shared hosting on the same /24 IP block
  • Near-identical outbound link profiles to other crypto sites
  • Published within 72 hours of each other
  • Anchor text: protocol name across all 23 (low risk alone)
Rubric score22 / 100 · disavow candidate
Effort to fix~15 min · single disavow upload
Domains affected23 (one operator)

→ Recommended fix

Disavow the 23 domains at the domain level, not per link. Operators flip URLs cheaply; the cluster signature is what stays consistent. The PDF report includes the signature so you can spot the same operator if it spawns more domains.

Illustrative finding based on common patterns observed in TG3 client audits, not a real Crawlux scan output.
// vs the alternatives

How Crawlux's rubric scores backlinks differently

Same hypothetical referrer profile, evaluated three ways. The rubric explicitly distinguishes crypto authority from generic web authority and from PBN noise.

Hypothetical referrerAhrefs DR verdictSemrush AS verdictCrawlux rubric verdict
defillama.com/protocol/[you]DR 78 · "Strong"AS 52 · "Moderate" Authority · 95 / 100
etherscan.io/token/[your-contract]DR 74 · "Moderate" (passes little equity)AS 60 · "Moderate" Authority · 92 / 100
Audit firm report PDF (Trail of Bits, OpenZeppelin)Treated as PDF on subdomain · low signalTreated as document link · low signal Authority · 98 / 100
CoinDesk editorial (earned)DR 91 · "Strong"AS 78 · "Strong" Authority · 88 / 100
CoinDesk sponsored (paid, undisclosed)DR 91 · "Strong" (does not detect paid)AS 78 · "Strong" (does not detect paid)~ Review · 45 / 100
Crypto news aggregator (auto-republish, distinct operator)DR 12 · "Toxic" recommended for disavowAS 18 · "Toxic" recommended for disavow~ Review · 58 / 100
PBN cluster (23 domains, shared template, single operator)DR 18 · "Toxic"AS 14 · "Toxic" Toxic · 22 / 100 (cluster-level disavow)
GitHub README backlink from a verified ecosystem granteeDR varies · subdomain ignoredAS varies · subdomain ignored Authority · 90 / 100
Wikipedia article referenceDR 95 · "Strong" (nofollow noted)AS 92 · "Strong" Authority · 96 / 100
Off-topic gambling site linkDR 8 · "Toxic"AS 11 · "Toxic" Toxic · 14 / 100

All verdicts above are illustrative. Actual scoring depends on full link context.

// How the audit runs

How the toxicity module runs end-to-end

Four phases, sequential. Total module time is typically under 3 minutes for sites with under 10k referring domains, longer for larger backlink profiles.

  1. 01

    Backlink ingestion

    Pulls full backlink data via DataForSEO API, deduplicated by referring domain. Augments with on-chain context where applicable: validator status, ecosystem grantee lists, audit firm rosters. Cross-references with the rubric's recognized authority list.

  2. 02

    Per-link rubric scoring

    Each backlink scored on all six rubric dimensions. Source category lookup is deterministic; anchor pattern, velocity and topical relevance use heuristics. Operator pattern detection uses WHOIS, hosting, template fingerprinting and outbound link profile clustering.

  3. 03

    Cluster detection

    Referring domains grouped by operator signature. Clusters of 5+ flagged for cluster-level disavow rather than per-link, which keeps the resulting disavow file small and maintainable as new operator-controlled domains appear.

  4. 04

    Disavow file generation

    Produces a Search Console-ready disavow.txt file with cluster-level entries and per-link entries for outliers. Each entry has a # reason comment so future audits can re-evaluate decisions. PDF report explains the rationale per cluster.

// Backlink toxicity FAQ

Backlink questions, answered

Common questions from teams cleaning up backlink profiles on crypto and Web3 sites.

Why does Ahrefs DR fail for crypto sites?

Ahrefs Domain Rating was built around the link graph of mainstream web content. Crypto authority sources like DefiLlama, CoinGecko, Etherscan and DappRadar score lower in DR than they should because their outbound link patterns differ from typical authority sites. Ahrefs treats these as moderate-quality referrers when they are actually some of the strongest signals a Web3 protocol can have. Sites following Ahrefs disavow recommendations have ended up disavowing the very links AI search uses to verify them.

The argument above goes deeper. The rubric below is the alternative.

What does the Web3 Backlink Toxicity Rubric score?

The rubric scores each backlink across six dimensions: source category (authority, neutral, suspicious), Web3 native trust (whether the source is a known crypto-native authority), anchor pattern (natural vs over-optimized), link velocity (sudden spike from one source = bad), operator pattern (single PBN signature vs distinct organizations) and topical relevance. Scoring is on a 0 to 100 scale where 70+ is safe to keep, 30-70 needs review and below 30 is toxic.

Should I disavow links from copycat sites?

Usually yes for clear PBN networks, sometimes no for legitimate crypto news aggregators that look spammy at first glance. The audit categorizes copycats by signal pattern. A network of 50 sites with identical templates and outbound link profiles is a clear PBN. A crypto news aggregator that auto-republishes press releases looks similar in DR scoring but is not toxic. The rubric distinguishes them.

How is Crawlux different from Ahrefs Site Audit?

Ahrefs Site Audit gives you DR per referring domain and surfaces a generic toxicity score. Crawlux gives you the same backlink data plus the Web3 Backlink Toxicity Rubric, which scores each link in crypto context. Crawlux explicitly recognizes DefiLlama, CoinGecko, CoinMarketCap, Etherscan, GitHub and audit firm domains as authority sources rather than treating them as generic referrers.

Can I run this audit before disavowing in Search Console?

Yes. The audit produces a recommended disavow list with reasoning per link. Most teams run the Crawlux audit first to identify clear toxic patterns, run a second pass on the medium-toxicity links manually and only then upload a disavow file to Google Search Console. Disavow is irreversible in practice (it takes months for any reversal to propagate) so getting the list right matters.

Does Crawlux check links from crypto media?

Yes. Major crypto media outlets (CoinDesk, The Block, Decrypt, CoinTelegraph, Bankless, Defiant) are recognized in the rubric. Sponsored content and PR distribution links are differentiated from earned editorial links. The audit flags sponsored content that does not disclose paid placement, since these can attract manual penalties even when the source is otherwise legitimate.

What about Telegram and Discord links?

Discord and Telegram links are usually nofollow or ignored entirely by search engines, so they do not contribute to backlink scoring. The audit notes their presence as community signals but does not score them as authority links. The exception is when bots scrape and republish Telegram content with active hyperlinks; those copies are evaluated as standalone web pages and scored accordingly.

How often should I run a backlink toxicity audit?

Quarterly is enough for most established protocols. Run more often (monthly) if you are doing active outreach or PR, since new toxic patterns can appear quickly. Always run an audit after a token launch or airdrop because copycat sites tend to spawn around these events to capture search traffic. Pro tier ($25) gives a 90-day re-audit window per domain.

Related backlink coverage

// Recent coverage

RUN THIS AUDIT FREE

Run this audit on your crypto site.

No signup, no credit card. Full 8-module report in 60 seconds.

Free first audit · No signup · 60 seconds · Full PDF report