Content Policy & Transparency

PageDrop automatically scans every upload to protect users from phishing, malware, and abuse. We believe in full transparency about what we block and why.

Why we scan content: PageDrop is a free, open hosting platform. Without content scanning, bad actors could use the service to host phishing pages, distribute malware, or run scams. Our automated scanner checks every upload before it goes live and rejects content that matches known malicious patterns. Legitimate content is never affected.

Blocked Patterns

The following categories of content are automatically blocked during upload. Each pattern targets a specific attack vector while keeping false positives near zero.

phishing

External Form Submissions

HTML forms that submit data to external servers. This is the primary vector for credential-harvesting phishing pages that impersonate login screens.

exfiltration

Credential Exfiltration

Scripts that send captured data to Telegram bots, Discord webhooks, or other external endpoints commonly used to exfiltrate stolen credentials.

privacy

Camera & Microphone Access

Pages requesting getUserMedia access to capture audio or video from visitors without legitimate reason. Prevents surveillance and snooping attacks.

dos

WebGL Crash Payloads

Malicious WebGL shaders or rendering loops designed to crash browsers or freeze devices. Prevents denial-of-service attacks against visitors.

redirect

Redirect Abuse

Pages that immediately redirect visitors to external malicious sites. Prevents PageDrop URLs from being used as redirect laundering for spam or phishing campaigns.

scam

Crypto Wallet Scams

Pages impersonating cryptocurrency wallets, fake token sales, or wallet-drainer scripts that trick users into connecting their wallets and signing malicious transactions.

impersonation

Brand Impersonation

Pages that replicate login screens or branding of major services (Google, Microsoft, banks) combined with credential collection forms.

obfuscation

Obfuscated Code

Heavily obfuscated JavaScript designed to hide malicious intent. Legitimate minified code is not affected — only patterns consistent with intentional obfuscation to evade detection.

Moderation Stats

A snapshot of PageDrop content moderation activity. These numbers are updated periodically.

10,000+
Total Sites Hosted
312
Sites Blocked by Automated Scanning
18
Sites Removed After User Reports
0
False Positive Appeals
Last updated: March 2026

Appeal Process

If you believe your content was incorrectly rejected, you can appeal the decision.

How to Appeal a False Positive

  1. Review the error message returned by the API — it identifies which pattern triggered the block.
  2. Check the blocked patterns list above to understand what was detected.
  3. If you believe the rejection was incorrect, modify your HTML to avoid the flagged pattern and re-upload.
  4. If the issue persists, open a GitHub issue at github.com/softvoyagers/pagedrop-api with the subject "False Positive Appeal" and include your HTML content (or a minimal reproduction).
Note: The content policy is also available programmatically via GET /api/v1/content-policy. This endpoint returns the full list of blocked patterns with their descriptions, which you can use to pre-validate content before uploading.
Part of the SoftVoyagers Ecosystem
LinkMeta PageShot PDFSpark OGForge LinkShrink Faktuj QRMint PageDrop Pisma Szyte Na Miarę