SSL / TLS
Valid HTTPS · 10ms
x402 discovery
n/a
Agent discovery
No agent.json found
llms.txt
HTTP 530 · 10ms
security.txt
Not found · 10ms
CORS headers
No CORS header (OK if server-to-server only) · 11ms
Security headers
2/5 — missing critical: x-content-type-options, strict-transport-security, content-security-policy · 12ms
Response time
16ms avg · 16ms
MCP server
n/a
API endpoints
No standard endpoints
Error handling
Returns 530 for unknown paths · 13ms
x402 compliance
n/a
Rate limiting
No rate-limit headers (may still be rate-limited server-side) · 13ms
Documentation
No documentation endpoint
robots.txt AI crawlers
HTTP 530 · 14ms
AI plugin manifest
No ai-plugin.json (optional for ChatGPT/LLM integration)
OpenAPI spec
No OpenAPI/Swagger spec found
Privacy / GDPR
No privacy policy or GDPR endpoint
Status / Health
No status or health endpoint
EU AI Act disclosure
No AI model card or disclosure endpoint
Travel Rule (FATF)
n/a
A2A Protocol (Google)
No agent.json for A2A discovery
DNSSEC
DNSSEC check failed
CAA Records
CAA check failed
DMARC / SPF
No DMARC or SPF records found
Auth maturity
No authentication detected — open API or check failed
API versioning
/v1
Human oversight
No human oversight / kill switch endpoint (EU AI Act Art. 14)
Terms of Service
No Terms of Service endpoint found
Content-Type
No application/json responses (1 paths tested)
OASF Classification
No OASF or agent service classification found
MCP Transport Security
n/a
Voice AI Disclosure
n/a
Synthetic Voice Labeling
n/a
Synthetic Content Labeling
n/a
Emotion Recognition Declaration
n/a
Call Recording Consent
n/a
FCC/TCPA Compliance
n/a
Operator Identity & KYB
n/a
Opt-out & Human Escalation
n/a
Voice Call Policy
n/a
Caller Identity Declaration
n/a
Wallet trust
n/a
ERC-8004 on-chain
n/a
Critical — 2Agent discovery failedNo agent.json found
Warning — 22security.txt needs attentionNot found
CORS headers needs attentionNo CORS header (OK if server-to-server only)
Security headers needs attention2/5 — missing critical: x-content-type-options, strict-transport-security, content-security-policy
API endpoints needs attentionNo standard endpoints
Error handling needs attentionReturns 530 for unknown paths
Rate limiting needs attentionNo rate-limit headers (may still be rate-limited server-side)
Documentation needs attentionNo documentation endpoint
robots.txt AI crawlers needs attentionHTTP 530
AI plugin manifest needs attentionNo ai-plugin.json (optional for ChatGPT/LLM integration)
OpenAPI spec needs attentionNo OpenAPI/Swagger spec found
Privacy / GDPR needs attentionNo privacy policy or GDPR endpoint
Status / Health needs attentionNo status or health endpoint
EU AI Act disclosure needs attentionNo AI model card or disclosure endpoint
A2A Protocol (Google) needs attentionNo agent.json for A2A discovery
DNSSEC needs attentionDNSSEC check failed
CAA Records needs attentionCAA check failed
DMARC / SPF needs attentionNo DMARC or SPF records found
Auth maturity needs attentionNo authentication detected — open API or check failed
Human oversight needs attentionNo human oversight / kill switch endpoint (EU AI Act Art. 14)
Terms of Service needs attentionNo Terms of Service endpoint found
Content-Type needs attentionNo application/json responses (1 paths tested)
OASF Classification needs attentionNo OASF or agent service classification found