Acceptable Use Policy
Effective: 2026-04-20. Version 1.
You may only scan domains you own or have written authorisation to test.
Scanning third-party domains without permission may be a criminal offence and is always a breach of this policy.
1. Authorisation
Before scanning, you must verify control of the domain via DNS TXT record or HTTPS file. The service will not queue a scan against an unverified domain.
2. Prohibited uses
- Scanning domains, IPs, or services you do not own or have written authorisation to test.
- Attempting to bypass the domain verification mechanism.
- Using scan findings to facilitate any unauthorised access, disruption, or damage.
- Re-selling, re-distributing, or white-labelling scan output without a separate agreement.
- Using the service to scan critical infrastructure, government, or medical systems you do not operate.
- Using the service to harass, defame, or threaten.
3. Rate and volume
Do not circumvent plan quotas with multiple accounts. Usage that materially degrades the service for others may be throttled or suspended.
4. Enforcement
Violations may result in suspension or termination of your account, forfeiture of prepaid fees, and — in serious cases — referral to law enforcement. We retain logs of verification attempts and scan requests to investigate suspected abuse.
5. Reporting
Report suspected abuse to [TO FILL IN — abuse email].
If you are unsure whether a particular use is permitted, contact us before running the scan.