SSL / TLS
Valid HTTPS · 188ms
x402 discovery
n/a
Agent discovery
/.well-known/agent.json returned HTTP 403 (should be 200) · 197ms
llms.txt
HTTP 403 · 176ms
security.txt
Not found · 185ms
CORS headers
No CORS header (OK if server-to-server only) · 200ms
Security headers
0/5 — missing critical: x-content-type-options, strict-transport-security, content-security-policy · 200ms
Response time
182ms avg · 182ms
MCP server
/mcp returned HTTP 403 · 208ms
API endpoints
2 endpoints found
Error handling
Returns 403 for unknown paths · 219ms
x402 compliance
n/a
Rate limiting
No rate-limit headers (may still be rate-limited server-side) · 224ms
Documentation
No documentation endpoint
robots.txt AI crawlers
HTTP 403 · 307ms
AI plugin manifest
No ai-plugin.json (optional for ChatGPT/LLM integration)
OpenAPI spec
No OpenAPI/Swagger spec found
Privacy / GDPR
No privacy policy or GDPR endpoint
Status / Health
No status or health endpoint
EU AI Act disclosure
No AI model card or disclosure endpoint
Travel Rule (FATF)
n/a
A2A Protocol (Google)
No agent.json for A2A discovery
DNSSEC
DNSSEC check failed
CAA Records
CAA check failed
DMARC / SPF
DMARC p=quarantine
Auth maturity
API key
API versioning
/v1
Human oversight
/agent/stop — restricted (EU AI Act Art. 14) · 294ms
Terms of Service
No Terms of Service endpoint found
Content-Type
No application/json responses (1 paths tested)
OASF Classification
No OASF or agent service classification found
MCP Transport Security
No MCP endpoint found
Voice AI Disclosure
n/a
Synthetic Voice Labeling
n/a
Synthetic Content Labeling
n/a
Emotion Recognition Declaration
n/a
Call Recording Consent
n/a
FCC/TCPA Compliance
n/a
Operator Identity & KYB
n/a
Opt-out & Human Escalation
n/a
Voice Call Policy
n/a
Caller Identity Declaration
n/a
Wallet trust
n/a
ERC-8004 on-chain
n/a
Critical — 1Warning — 23Agent discovery needs attention/.well-known/agent.json returned HTTP 403 (should be 200)
security.txt needs attentionNot found
CORS headers needs attentionNo CORS header (OK if server-to-server only)
Security headers needs attention0/5 — missing critical: x-content-type-options, strict-transport-security, content-security-policy
MCP server needs attention/mcp returned HTTP 403
Error handling needs attentionReturns 403 for unknown paths
Rate limiting needs attentionNo rate-limit headers (may still be rate-limited server-side)
Documentation needs attentionNo documentation endpoint
robots.txt AI crawlers needs attentionHTTP 403
AI plugin manifest needs attentionNo ai-plugin.json (optional for ChatGPT/LLM integration)
OpenAPI spec needs attentionNo OpenAPI/Swagger spec found
Privacy / GDPR needs attentionNo privacy policy or GDPR endpoint
Status / Health needs attentionNo status or health endpoint
EU AI Act disclosure needs attentionNo AI model card or disclosure endpoint
A2A Protocol (Google) needs attentionNo agent.json for A2A discovery
DNSSEC needs attentionDNSSEC check failed
CAA Records needs attentionCAA check failed
DMARC / SPF needs attentionDMARC p=quarantine
Auth maturity needs attentionAPI key
Terms of Service needs attentionNo Terms of Service endpoint found
Content-Type needs attentionNo application/json responses (1 paths tested)
OASF Classification needs attentionNo OASF or agent service classification found
MCP Transport Security needs attentionNo MCP endpoint found