developer.visa.com F · 31/100
8 passed 21 warnings 3 failed audit-mnf5jhd9
SSL / TLS Valid HTTPS · 222ms
x402 discovery No x402 discovery found
Agent discovery No agent.json found
llms.txt HTTP 404 · 187ms
security.txt Not found · 379ms
CORS headers origin: https://partner.visa.com (restricted) · 356ms
Security headers 3/5 — missing: content-security-policy · 365ms
Response time 635ms avg · 635ms
MCP server No MCP endpoint found
API endpoints 2 endpoints found
Error handling 404 JSON response · 901ms
x402 compliance No x402 payment gates found · 564ms
Rate limiting No rate-limit headers (may still be rate-limited server-side) · 576ms
Documentation /docs found · 584ms
robots.txt AI crawlers HTTP 404 · 927ms
AI plugin manifest No ai-plugin.json (optional for ChatGPT/LLM integration)
OpenAPI spec /openapi.yaml found but invalid JSON · 380ms
Privacy / GDPR /privacy found (1269 chars) · 1137ms
Status / Health No status or health endpoint
EU AI Act disclosure No AI model card or disclosure endpoint
Travel Rule (FATF) No Travel Rule endpoint or VASP disclosure
A2A Protocol (Google) No agent.json for A2A discovery
DNSSEC No DNSSEC — domain is vulnerable to DNS spoofing
CAA Records 1 CAA record(s) found
DMARC / SPF DMARC p=reject
Auth maturity No authentication detected — open API or check failed
API versioning No versioned paths or version headers found
Human oversight No human oversight / kill switch endpoint (EU AI Act Art. 14)
Terms of Service /terms found (142678 chars) · 1101ms
Content-Type No application/json responses (1 paths tested)
Wallet trust No wallet address found in x402 or agent.json
ERC-8004 on-chain No EVM wallet found to verify on-chain registration
31
24 issues to fix
Critical — 3
x402 discovery failed

No x402 discovery found

Agent discovery failed

No agent.json found

llms.txt failed

HTTP 404

Warning — 21
security.txt needs attention

Not found

Security headers needs attention

3/5 — missing: content-security-policy

Response time needs attention

635ms avg

MCP server needs attention

No MCP endpoint found

x402 compliance needs attention

No x402 payment gates found

Rate limiting needs attention

No rate-limit headers (may still be rate-limited server-side)

robots.txt AI crawlers needs attention

HTTP 404

AI plugin manifest needs attention

No ai-plugin.json (optional for ChatGPT/LLM integration)

OpenAPI spec needs attention

/openapi.yaml found but invalid JSON

Status / Health needs attention

No status or health endpoint

EU AI Act disclosure needs attention

No AI model card or disclosure endpoint

Travel Rule (FATF) needs attention

No Travel Rule endpoint or VASP disclosure

A2A Protocol (Google) needs attention

No agent.json for A2A discovery

DNSSEC needs attention

No DNSSEC — domain is vulnerable to DNS spoofing

DMARC / SPF needs attention

DMARC p=reject

Auth maturity needs attention

No authentication detected — open API or check failed

API versioning needs attention

No versioned paths or version headers found

Human oversight needs attention

No human oversight / kill switch endpoint (EU AI Act Art. 14)

Content-Type needs attention

No application/json responses (1 paths tested)

Wallet trust needs attention

No wallet address found in x402 or agent.json

ERC-8004 on-chain needs attention

No EVM wallet found to verify on-chain registration

🔧 Fix 3 failing checks automatically

Probe Autofix connects to your GitHub repo and creates a PR with all the fixes. DNS fixes are applied directly via Cloudflare API. No manual coding needed.

⚡ Fix my API — $29 or included in Pro plan
Share on X Run new audit
🔒 Probe trust badge — unlock at score 60+

Fix your failing checks to earn the Probe verified badge. Display it on your site footer and README to show compliance.

⚡ Fix my API — $29 Current score: 31/100 → need 60+
Badge preview Shield preview
2026-03-31 21:51:43 UTC · getprobe.xyz