← Nazad na scannerBack to scanner

Prijava zloupotrebe

Verzija 2026-04-12-v3 · Ako je neko skenirao vas sajt preko nase alatke bez dozvole, ovde mozete podneti formalnu prijavu ili nas kontaktirajte na abuse@gradovi.rs.

Kada podneti prijavu

Ova forma je za vlasnike domena koji su primetili da je njihov sajt skeniran od strane naseg alata bez njihovog odobrenja. Konkretno:

Vidite nase User-Agent u vasim server logovima (WebSecurityScanner-Verifier/1.0)
Primetili ste povecan broj automatizovanih zahteva koji odgovaraju signaturi naseg skenera
Neko vam je poslao rezultat skeniranja vaseg domena koji niste trazili
Imate drugi razlog da verujete da je vas domen skeniran bez dozvole

Kako se prijava obradjuje

Prijava se belezi u audit log odmah po prijemu (append-only, ne moze se prepraviti)
Operator pregleda u roku od 72 sata radnim danima
Ako prijava ima konkretne scan_id reference, povezani audit zapisi se flaguju kao pravna evidencija i cuvaju zauvek (umesto podrazumevanih 90 dana)
Ako se potvrdi zloupotreba, vas domen se dodaje na listu blokade — svi buduci pokusaji skeniranja vraćaju HTTP 403
Ako ste ostavili email, obavestavamo vas o ishodu

Sta nece biti uradjeno

Ne mozemo da retroaktivno "obrisemo" rezultat ranijeg skeniranja jer scanner je pasivan — nismo uopste preuzeli podatke iz vase baze, samo smo citali javno dostupne odgovore
Ne mozemo da kaznimo korisnika koji je pokrenuo scan — nemamo njegove raw identifikatore (samo pseudonimizovane hash-ove IP adrese)
Ne pruzamo besplatne pravne savete — ako su vam potrebni, obratite se advokatu koji se bavi cyber-security-jem

Obrazac za prijavu

FAQ

Zasto uopste postoji besplatni scanner koji radi bez mog odobrenja? Scanner je namenjen vlasnicima sajtova koji zele da provere svoj sopstveni sajt. Uslovi koriscenja (pogledaj) eksplicitno traze da korisnik potvrdi consent checkbox pre svakog scan-a. Zloupotrebe su retke ali se desavaju — ova prijava je upravo kanal za njih.

Mogu li da zatrazim brisanje svih zapisa o mom domenu? Da — takva prijava se tretira kao GDPR takedown zahtev. Pogledajte Politiku privatnosti sekciju 8 za detalje. Napomena: audit_log zapisi su append-only i cuvaju se 90 dana — mozemo ih markirati kao "izuzeti iz statistike" ali fizicki brisanje nije moguce dok se automatski ne obrisu po retention pravilu.

Sta ako ovo zloupotrebljava konkurentski sajt ili bot mreza? Operater moze dodati blok na nivou domena ili IP hash-a. Ako imate dokazi o organizovanoj kampanji (mnogo razlicitih IP-jeva sa istim fingerprint-om), navedite to u opisu — postoje posebni alati za takve slucajeve.

Hocu da dokazem da sam vlasnik domena pre podnosenja Nije obavezno za abuse report, ali ako zelite i druge beneficije (pregledati svoju scan istoriju, videti detaljne rezultate), mozete izvrsiti verifikaciju vlasnistva kroz meta tag / fajl / DNS TXT zapis. Vise detalja u Uslovima koriscenja sekcija 7.

Report abuse

Version 2026-04-12-v3 · If someone scanned your site through our tool without your permission, you can file a formal report here or contact us at abuse@gradovi.rs.

When to file a report

This form is for domain owners who have noticed that their site was scanned by our tool without their approval. Specifically:

You see our User-Agent in your server logs (WebSecurityScanner-Verifier/1.0)
You noticed an increase in automated requests matching our scanner's signature
Someone sent you a scan result of your domain that you didn't request
You have another reason to believe your domain was scanned without permission

How the report is processed

The report is logged to the audit log immediately upon receipt (append-only, cannot be modified)
The operator reviews within 72 hours on business days
If the report includes specific scan_id references, the related audit entries are flagged as legal evidence and kept indefinitely (instead of the default 90 days)
If abuse is confirmed, your domain is added to the block list — all future scan attempts return HTTP 403
If you left an email, we notify you of the outcome

What will not be done

We cannot retroactively "delete" an earlier scan's results because the scanner is passive — we never pulled data from your database, we only read publicly available responses
We cannot punish the user who initiated the scan — we don't have their raw identifiers (only pseudonymized IP hashes)
We do not provide free legal advice — if you need it, contact a lawyer who deals with cybersecurity

Report form

FAQ

Why does a free scanner even exist that works without my approval? The scanner is intended for site owners who want to check their own site. The Terms of Service explicitly require the user to check a consent checkbox before every scan. Abuse is rare but happens — this report is exactly the channel for it.

Can I request deletion of all records about my domain? Yes — such a request is treated as a GDPR takedown request. See the Privacy Policy section 8 for details. Note: audit_log entries are append-only and retained for 90 days — we can mark them as "excluded from statistics" but physical deletion is not possible until automatic pruning per retention rules.

What if this is being abused by a competitor site or a bot network? The operator can add a block at the domain or IP hash level. If you have evidence of an organized campaign (many different IPs with the same fingerprint), mention it in the description — there are special tools for such cases.

I want to prove domain ownership before filing Not required for an abuse report, but if you want additional benefits (review your own scan history, see detailed results), you can complete ownership verification through a meta tag / file / DNS TXT record. More details in the Terms of Service section 7.