Observe
Work only with material already accessible to the public. Record the source URL, observation time and relevant context without interacting with sellers or operators.
Public-source research · Responsible reporting
Helundavo documents publicly accessible online material that may indicate illicit drug trade and prepares good-faith reports for the relevant platforms, registrars and hosting providers.
01 — About
Helundavo is an independent public-source research and abuse-reporting project. It is not a law-enforcement, government or regulatory body, does not conduct criminal investigations and does not claim affiliation with any institution.
Our role is narrow: preserve observable facts, assess context, minimise unnecessary personal data and submit material to the provider best placed to review it. We do not determine guilt, demand outcomes or publish accusations.
Operator biographical details are not published for safety reasons. This privacy measure does not alter our obligation to use accurate provider and registration information or to comply with applicable law.
02 — Methodology
A report is useful only when its provenance is clear, its language is proportionate and its recipient can independently assess the material.
Work only with material already accessible to the public. Record the source URL, observation time and relevant context without interacting with sellers or operators.
Keep originals unchanged. Document provenance and transformations; use cryptographic hashes when they materially support integrity.
Clearly distinguish verified facts, source statements, analytical conclusions, hypotheses and what remains unknown.
Remove personal and third-party information that is not necessary for the recipient’s policy assessment.
Verify the recipient, scope, attachments, metadata and potential consequences before any material leaves the project boundary.
Use official published abuse channels, factual language and the minimum evidence needed. The recipient decides what action, if any, is appropriate.
03 — Boundaries
The project is designed to reduce harm without creating new risk, exposure or confrontation.
04 — Public policy
These commitments govern public-facing work and take precedence over speed or volume.
An abuse report is a notice asking a service provider to assess a possible violation of its rules or applicable law. Reports are addressed to platforms, registrars, hosting providers or other responsible service operators through contacts published by those organisations. They describe observable content and relevant URLs, not legal conclusions about people.
Helundavo asks recipients to assess material under their own policies. We do not request private subscriber data and do not imply official authority.
Credible correction requests are reviewed against the preserved source record. Material errors are corrected promptly and the nature of a substantive change is documented.
Corrections do not require disclosure of protected sources, internal security controls or unrelated records. A dedicated corrections channel will be published after project mail authentication has been tested.
This site has no analytics, advertising pixels, social widgets, accounts, comments, cookies or evidence-upload forms. It does not intentionally collect visitor-submitted personal data.
Cloudflare and other network providers may process limited request and security data to deliver and protect the site under their documented policies and retention practices. Helundavo does not maintain a separate visitor-log datastore and does not claim that infrastructure logs never exist.
The public site is separated from internal research records and contains no case tracker, evidence store or administrative interface. Reports of security issues should follow the instructions at /.well-known/security.txt.
Please do not include exploit payloads, credentials, personal data or unpublished third-party material in an initial notification.
Intake status: Helundavo is not yet accepting external case submissions. Dedicated mail channels will be announced only after authentication and metadata checks are complete.