SSL / TLS
Valid HTTPS · 39ms
x402 discovery
n/a
Agent discovery
/.well-known/agent.json returned HTTP 404 (should be 200) · 330ms
llms.txt
structured · API info · auth docs · limits/pricing · 9838 chars · 244ms
security.txt
Not found · 320ms
CORS headers
No CORS header (OK if server-to-server only) · 43ms
Security headers
3/5 — missing critical: strict-transport-security, content-security-policy · 46ms
Response time
1240ms avg — slow · 1240ms
MCP server
/mcp returned HTTP 403 · 53ms
API endpoints
2 endpoints found
Error handling
Returns 403 for unknown paths · 61ms
x402 compliance
n/a
Rate limiting
No rate-limit headers (may still be rate-limited server-side) · 68ms
Documentation
No documentation endpoint
robots.txt AI crawlers
robots.txt exists but no AI crawler rules · 283ms
AI plugin manifest
No ai-plugin.json (optional for ChatGPT/LLM integration)
OpenAPI spec
No OpenAPI/Swagger spec found
Privacy / GDPR
No privacy policy or GDPR endpoint
Status / Health
No status or health endpoint
EU AI Act disclosure
No AI model card or disclosure endpoint
Travel Rule (FATF)
n/a
A2A Protocol (Google)
No agent.json for A2A discovery
DNSSEC
DNSSEC validated (AD flag)
CAA Records
CAA check failed
DMARC / SPF
DMARC p=reject
Auth maturity
API key
API versioning
/v1
Human oversight
/agent/stop — restricted (EU AI Act Art. 14) · 361ms
Terms of Service
No Terms of Service endpoint found
Content-Type
No application/json responses (1 paths tested)
OASF Classification
No OASF or agent service classification found
MCP Transport Security
No MCP endpoint found
Voice AI Disclosure
n/a
Synthetic Voice Labeling
n/a
Synthetic Content Labeling
n/a
Emotion Recognition Declaration
n/a
Call Recording Consent
n/a
FCC/TCPA Compliance
n/a
Operator Identity & KYB
n/a
Opt-out & Human Escalation
n/a
Voice Call Policy
n/a
Caller Identity Declaration
n/a
Wallet trust
n/a
ERC-8004 on-chain
n/a
Warning — 23Agent discovery needs attention/.well-known/agent.json returned HTTP 404 (should be 200)
security.txt needs attentionNot found
CORS headers needs attentionNo CORS header (OK if server-to-server only)
Security headers needs attention3/5 — missing critical: strict-transport-security, content-security-policy
Response time needs attention1240ms avg — slow
MCP server needs attention/mcp returned HTTP 403
Error handling needs attentionReturns 403 for unknown paths
Rate limiting needs attentionNo rate-limit headers (may still be rate-limited server-side)
Documentation needs attentionNo documentation endpoint
robots.txt AI crawlers needs attentionrobots.txt exists but no AI crawler rules
AI plugin manifest needs attentionNo ai-plugin.json (optional for ChatGPT/LLM integration)
OpenAPI spec needs attentionNo OpenAPI/Swagger spec found
Privacy / GDPR needs attentionNo privacy policy or GDPR endpoint
Status / Health needs attentionNo status or health endpoint
EU AI Act disclosure needs attentionNo AI model card or disclosure endpoint
A2A Protocol (Google) needs attentionNo agent.json for A2A discovery
CAA Records needs attentionCAA check failed
DMARC / SPF needs attentionDMARC p=reject
Auth maturity needs attentionAPI key
Terms of Service needs attentionNo Terms of Service endpoint found
Content-Type needs attentionNo application/json responses (1 paths tested)
OASF Classification needs attentionNo OASF or agent service classification found
MCP Transport Security needs attentionNo MCP endpoint found