The free scanner currently checks public revenue-readiness signals such as:

• HTTP reachability and response status;
• HTTPS usage;
• page title, meta description, viewport, and Open Graph metadata;
• visible pricing, checkout, authentication, support, and legal-page signals;
• known payment provider, analytics, ad pixel, and conversion event signals;
• basic security headers such as CSP, HSTS, frame protection, and referrer policy;
• initial response time and third-party script load risk; and
• a revenue-readiness score derived from critical, warning, and informational findings.

The free scanner does not log in, complete checkout, bypass paywalls, test private networks, guarantee legal compliance, certify security, prove payment approval, confirm webhook fulfillment, or verify ad account delivery. It reads public web pages and reports what it can observe.

Deeper checks require explicit access such as a test account, payment sandbox credentials, webhook logs, analytics or ad platform diagnostics, and scripted browser flows.

OriginDeck starts from 100 and subtracts more for critical failures than warnings. Informational findings do not reduce the score. The score is meant to prioritize launch and monetization work, not to guarantee performance, revenue, payment approval, ad delivery, legal compliance, or security.

Only submit URLs you are allowed to test. Do not submit private networks, localhost, staging sites with secrets, customer data, or URLs containing credentials.

For service rules and data handling, review the Terms of Service and Privacy Policy.