L0Unreachable— Endpoint could not be reached
L1Connected— Basic connectivity established
L2Protocol OK— TLS and headers verified
L3Identified— Provider family identified
L4Verified Relay— Known legitimate relay confirmed
L5Official Confirmed— Official API domain and ASN match
L6Fingerprinted— Behavioral fingerprint verified
L7Fully Verified— All checks including token audit passed
🔬
Scientific Method
Based on academic research including UTF rare token probing and behavioral fingerprinting from LLMmap.
🔑
No Key Required
Quick Scan works without any API key. We only need an endpoint URL to start.
🔒
Privacy First
API keys are never stored. Deep scan results stay in your browser localStorage.
📊
80+ Model Database
Covers 16+ model families with tokenizer ratios, identity patterns, and refusal signatures.
What is API fraud?
API fraud includes: fake models (claiming GPT-4 but serving GPT-3.5), token inflation (charging for more tokens than used), relay chains (your data passes through unknown intermediaries), and speed reduction (throttling responses while charging full price).
How accurate is the detection?
Quick Scan provides family-level identification with ~70% confidence for official APIs. Deep Scan with an API key achieves model-level identification with 85-99% confidence using behavioral fingerprinting and rare token probes.
Is my API key safe?
Yes. Your API key is only used during the scan and is never stored on our servers. It is cleared from memory immediately after the scan completes.
What is Trust Score L0-L7?
A graduated verification system. L0 = unreachable, L3 = provider identified, L5 = official confirmed, L7 = fully verified including token audit. Higher levels require deeper probing.
Can relay stations fake the detection?
Sophisticated relays can partially spoof responses. Our behavioral fingerprinting and rare token probes are designed to detect such spoofing, but no system is 100% foolproof. Scores are for risk flagging, not forensic evidence.