10 free scans/month · Pay-per-scan · No subscription

Automated Developer
Intelligence Reports

Security, SSL/TLS, DNS, tech-stack, performance, API documentation, and SEO scans — delivered in seconds. Built for developers, AI agents, and CI/CD pipelines.

8 Service SKUs
<5s Average Scan
$2-4 Per Report
JSON Artifact Output

Eight Reports. One API.

Each service scans a target URL and returns a structured JSON artifact with scores, grades, and an actionable remediation list. Every partner gets 10 free scans per month.

🛡️

Security Snapshot

HTTP headers, TLS certificate health, redirect chain, mixed content detection, risk scoring (0-100), and AI triage recommendations.

$4 security_snapshot
  • ✓ HSTS, CSP, X-Frame-Options
  • ✓ TLS expiry & certificate health
  • ✓ Redirect chain analysis
  • ✓ Mixed content detection
  • ✓ Trend history per domain
  • ✓ Triage recommendations
📄

API Doc Brief

Discovers link structure, detects API-pattern endpoints, extracts form inputs, collects response headers, and generates documentation.

$3 api_doc_brief
  • ✓ Link discovery & classification
  • ✓ API endpoint pattern detection
  • ✓ Form action extraction
  • ✓ Response header collection
  • ✓ Meta tag analysis

Performance Audit

Response time breakdown, page weight measurement, compression detection, caching analysis, and optimization recommendations with letter grades.

$3 performance_audit
  • ✓ TTFB & total load time
  • ✓ Page weight analysis
  • ✓ Compression detection
  • ✓ Cache header analysis
  • ✓ Grade A-F with recommendations
🔍

SEO Health Check

Title & meta analysis, heading structure, Open Graph data, canonical URLs, viewport check, and structured SEO scoring.

$2 seo_check
  • ✓ Title & meta description audit
  • ✓ H1/H2 heading structure
  • ✓ Open Graph validation
  • ✓ Mobile viewport check
  • ✓ Grade A-F with issues list
🔐

SSL / TLS Report

Deep TLS inspection: negotiated protocol & cipher, full certificate chain with expiry & key strength, HSTS analysis, and preload-eligibility check.

$2 ssl_tls_report
  • ✓ TLS 1.3 / 1.2 protocol detection
  • ✓ Full certificate chain audit
  • ✓ Days until expiry per cert
  • ✓ Key size & signature alg checks
  • ✓ HSTS + preload eligibility
🌐

DNS Health

Authoritative DNS audit: A/AAAA/NS/MX/TXT/CAA records, SPF/DKIM/DMARC email auth, DNSSEC signing, and NS redundancy across organisations.

$2 dns_health
  • ✓ All record types resolved
  • ✓ SPF / DKIM / DMARC validation
  • ✓ DNSSEC AD-flag check via DoH
  • ✓ CAA record audit
  • ✓ NS redundancy scoring
🧩

Tech Stack Fingerprint

Detects CMS, framework, server, language, CDN, analytics, and e-commerce platforms from response headers, cookies, and HTML markers. ~60 signatures.

$3 tech_stack_fingerprint
  • ✓ WordPress, Drupal, Ghost, Webflow, Wix…
  • ✓ Next.js, Nuxt, React, Vue, Svelte, Astro…
  • ✓ Cloudflare, Fastly, Vercel, Netlify…
  • ✓ Shopify, WooCommerce, Magento, BTCPay…
  • ✓ GA4, GTM, Plausible, Fathom, Matomo…
📦

Security Pack — Bundle

Security Snapshot + SSL/TLS Report + DNS Health in a single call. One combined artifact with an overall posture score and a single prioritised remediation list.

$6 security_pack
  • ✓ Three security scans, one call
  • ✓ Overall posture score (0-100)
  • ✓ Unified, severity-sorted remediation
  • ✓ $6 vs $8 bought separately

How It Works

Three steps. No accounts required. Crypto payments via TimeLightHub.

1

Request a Scan

POST to /purchase with your target URL and chosen SKU. You receive an invoice with a checkout link.

2

Pay the Invoice

Pay via Bitcoin or crypto using the checkout link. TimeLightHub confirms payment via signed webhook.

3

Get Your Report

Your scan runs automatically. Download the structured JSON artifact from the API or client portal.

Simple Per-Scan Pricing

No subscriptions. No commitments. Pay only for what you use.

Service SKU Price Output
Security Snapshot security_snapshot $4 JSON report + score + triage
Performance Audit performance_audit $3 JSON report + grade + recommendations
API Doc Brief api_doc_brief $3 JSON report + endpoint discovery
SEO Health Check seo_check $2 JSON report + grade + issues
SSL / TLS Report ssl_tls_report $2 JSON report + cert chain + HSTS analysis
DNS Health dns_health $2 JSON report + SPF/DKIM/DMARC/DNSSEC audit
Tech Stack Fingerprint tech_stack_fingerprint $3 JSON report + detected platforms by category
Security Pack (bundle) security_pack $6 Security Snapshot + SSL/TLS + DNS combined — overall score + one remediation list ($8 separately)
Free tier: Every partner gets 10 free scans per month (bundle excluded) — no card, settle the rest in Bitcoin / Lightning.
Volume credit: Pre-pay a credit pack for up to +40% bonus ($250 → $350 credit); scans draw down at list price — a volume discount with no subscription.
Continuous monitoring: Schedule any scan to re-run automatically with anomaly alerts — or add the $20/mo Monitoring Pass for unlimited monitor runs.
Why pay vs. free tools? Unlike free header/SSL checkers, every report is agent-ready (MCP), commercial-use, rate-limit-free, and ships a prioritised remediation list — and we cover SSL/TLS and DNS, which the free tools don't.
Partner API: Self-service keys, monthly caps, and live usage metrics.

Bot-Friendly JSON API

Plain HTTP. No SDK required. AI agents can call it directly.

POST /purchase Create a scan request
curl -X POST https://afc.timelighthub.com/purchase \
  -H "Content-Type: application/json" \
  -d '{
    "requestId": "req_001",
    "customerId": "cust_001",
    "sku": "security_snapshot",
    "input": {
      "targetUrl": "https://example.com"
    }
  }'
GET /catalog List available services
curl https://afc.timelighthub.com/catalog | jq
POST /partner/register Self-service API key generation
curl -X POST https://afc.timelighthub.com/partner/register \
  -H "Content-Type: application/json" \
  -d '{
    "partnerId": "bot_assistant_v1"
  }'
GET /portal/customer/{id} View order history & artifacts
curl https://afc.timelighthub.com/portal/customer/cust_001 | jq

Public Endpoints

GET /health — Service health status
GET /catalog — List all services & pricing
POST /partner/register — Self-service API key registration for AI bots
POST /purchase — Create scan & get invoice
GET /portal/customer/{id} — Customer request history
GET /artifacts/{file} — Download report artifact

Advanced Agent Workflows

Agent Forge Commerce is built specifically to be natively integrated into AI assistants and autonomous bot pipelines.

🤖

Native MCP Server

Package includes a fully functional Model Context Protocol (MCP) server. Plug it directly into Claude Desktop or Cursor so your AI can autonomously scan URLs in-chat.

Outbound Webhooks

Don't want your bot to poll the API? Pass a webhookUrl in your POST request, and we will automatically push the final JSON artifact to your endpoint as soon as the scan completes.

💳

Post-Paid Partner Billing

High-volume bots can bypass the crypto checkout process entirely. Registered AI partners receive a monthly cap, instant fulfillment, and settle their balance automatically.

Built for Production

🔐

HMAC Webhook Verification

Timing-safe signature verification on every payment webhook. No fulfillment without confirmed payment.

🛑

Emergency Stop

JWT-protected kill switch instantly pauses all purchases and fulfillment. Full audit trail preserved.

💰

Spending Caps

Daily and monthly spending limits. Partner API keys with per-partner caps. No runaway billing.

🔄

Idempotent Processing

Duplicate webhooks are detected and ignored. Each request fulfills exactly once.

📊

Full Audit Logging

Every request, webhook, fulfillment, and error is logged with timestamps and context.

🚦

Rate Limiting

Per-IP sliding window rate limiter prevents abuse and ensures fair access for all users.