ordiscan.com F · 31/100
6 passed 24 warnings 2 failed audit-mnfnwr0b
SSL / TLS Valid HTTPS · 10ms
x402 discovery No x402 discovery found
Agent discovery No agent.json found
llms.txt Found (983 chars) · 70ms
security.txt Not found · 111ms
CORS headers No CORS header (OK if server-to-server only) · 11ms
Security headers 3/5 — missing critical: strict-transport-security, content-security-policy · 13ms
Response time 73ms avg · 73ms
MCP server No MCP endpoint found
API endpoints 2 endpoints found
Error handling Returns 403 for unknown paths · 18ms
x402 compliance No x402 payment gates found · 19ms
Rate limiting No rate-limit headers (may still be rate-limited server-side) · 20ms
Documentation No documentation endpoint
robots.txt AI crawlers robots.txt exists but no AI crawler rules · 78ms
AI plugin manifest No ai-plugin.json (optional for ChatGPT/LLM integration)
OpenAPI spec No OpenAPI/Swagger spec found
Privacy / GDPR No privacy policy or GDPR endpoint
Status / Health No status or health endpoint
EU AI Act disclosure No AI model card or disclosure endpoint
Travel Rule (FATF) No Travel Rule endpoint or VASP disclosure
A2A Protocol (Google) No agent.json for A2A discovery
DNSSEC DNSSEC check failed
CAA Records No CAA records — any CA can issue certificates
DMARC / SPF DMARC p=none (weak) · SPF ~all (softfail)
Auth maturity API key
API versioning /v1
Human oversight /agent/stop — restricted (EU AI Act Art. 14) · 143ms
Terms of Service No Terms of Service endpoint found
Content-Type API paths return HTML: /v1/ returns HTML
Wallet trust No wallet address found in x402 or agent.json
ERC-8004 on-chain No EVM wallet found to verify on-chain registration
31
26 issues to fix
Critical — 2
x402 discovery failed

No x402 discovery found

Agent discovery failed

No agent.json found

Warning — 24
security.txt needs attention

Not found

CORS headers needs attention

No CORS header (OK if server-to-server only)

Security headers needs attention

3/5 — missing critical: strict-transport-security, content-security-policy

MCP server needs attention

No MCP endpoint found

Error handling needs attention

Returns 403 for unknown paths

x402 compliance needs attention

No x402 payment gates found

Rate limiting needs attention

No rate-limit headers (may still be rate-limited server-side)

Documentation needs attention

No documentation endpoint

robots.txt AI crawlers needs attention

robots.txt exists but no AI crawler rules

AI plugin manifest needs attention

No ai-plugin.json (optional for ChatGPT/LLM integration)

OpenAPI spec needs attention

No OpenAPI/Swagger spec found

Privacy / GDPR needs attention

No privacy policy or GDPR endpoint

Status / Health needs attention

No status or health endpoint

EU AI Act disclosure needs attention

No AI model card or disclosure endpoint

Travel Rule (FATF) needs attention

No Travel Rule endpoint or VASP disclosure

A2A Protocol (Google) needs attention

No agent.json for A2A discovery

DNSSEC needs attention

DNSSEC check failed

CAA Records needs attention

No CAA records — any CA can issue certificates

DMARC / SPF needs attention

DMARC p=none (weak) · SPF ~all (softfail)

Auth maturity needs attention

API key

Terms of Service needs attention

No Terms of Service endpoint found

Content-Type needs attention

API paths return HTML: /v1/ returns HTML

Wallet trust needs attention

No wallet address found in x402 or agent.json

ERC-8004 on-chain needs attention

No EVM wallet found to verify on-chain registration

🔧 Fix 2 failing checks automatically

Probe Autofix connects to your GitHub repo and creates a PR with all the fixes. DNS fixes are applied directly via Cloudflare API. No manual coding needed.

⚡ Fix my API — $29 or included in Pro plan
Share on X Run new audit
🔒 Probe trust badge — unlock at score 60+

Fix your failing checks to earn the Probe verified badge. Display it on your site footer and README to show compliance.

⚡ Fix my API — $29 Current score: 31/100 → need 60+
Badge preview Shield preview
2026-04-01 06:25:55 UTC · getprobe.xyz