Security Policy

Last updated: July, 2026

Unauthorized security testing is prohibited

Do not scan, probe, test, or attempt to exploit our systems without prior written permission.

Permission is required

Access to our public services does not grant permission to perform vulnerability scans, penetration tests, automated probes, or any other form of security testing. You must receive explicit written authorization from us before starting any test.

Unauthorized activity

If we detect unauthorized scanning or other suspicious activity, we may block the source IP address without notice. We may retain relevant technical information and report abusive IP addresses to AbuseIPDB or other appropriate service providers and authorities.

Responsible disclosure

If you discover a potential vulnerability without performing unauthorized testing, stop any further investigation and report it privately. Do not access, modify, download, or disclose data belonging to other people.

How to contact us

Use our contact form and clearly state whether you are requesting permission to perform a security test or reporting a vulnerability. You can also email us directly at [email protected].

Use the subject Security test request when requesting authorization, or Vulnerability report when reporting a potential security issue.

Sending a request does not grant permission. Testing is only allowed after written approval.

Submission requirements

Your request or report must include:

  • Your name and a working email address.
  • The domain, URL, service, or IP address involved.
  • A clear description of the requested test or discovered vulnerability.
  • The tools and techniques you intend to use, if you are requesting authorization.
  • The requested testing period, including your time zone.
  • Safe reproduction steps and the expected security impact, if reporting a vulnerability.
  • Relevant timestamps, request identifiers, and sanitized evidence.

Testing conditions

  • Do not begin testing until you have received explicit written authorization from us.
  • Only test the systems, methods, and dates specifically included in that authorization.
  • Do not use denial-of-service attacks, social engineering, phishing, spam, or malware.
  • Do not access, modify, delete, download, or retain data belonging to other people.
  • Stop testing immediately if you encounter personal, confidential, or sensitive data.
  • Keep all findings confidential until we confirm that disclosure is permitted.
  • Follow any additional restrictions included in our written authorization.

By continuing unauthorized security testing after receiving this warning, you accept the risk that your access will be blocked and your activity will be reported.