HN Reader

Europe-wide takedown hits longest-standing dark web drug market (europol.europa.eu)

1 points by teatang 1m ago 0 comments

WhatsApp Introduces Ads in Its App (nytimes.com)

1 points by greenburger 1m ago 0 comments

A Knockout Blow for LLMs? (geoffgraham.me)

1 points by speckx 2m ago 0 comments

Liquid Glasslighting (spyglass.org)

1 points by ksec 3m ago 0 comments

Show HN: LegitURL: Assess the trustworthiness of unknown links

2 points by sigbyte 3m ago 0 comments

Building an agentic app with ClickHouse MCP and CopilotKit (clickhouse.com)

1 points by lio-p 4m ago 0 comments

Boosting Axon's Training Capabilities Toward State of the Art Image Models (elixirforum.com)

1 points by amalinovic 5m ago 0 comments

Patch Package OTP 26.2.5.13 Released (erlangforums.com)

1 points by unripe_syntax 7m ago 0 comments

Reward program locks man out of $43K account without warning or explanation (cbc.ca)

1 points by clscott 8m ago 2 comments

The Memory Paradox: Why Our Brains Need Knowledge in an Age of AI (papers.ssrn.com)

2 points by obscurette 9m ago 0 comments

Intelligence Is Not Magic, But Your Threshold For "Magic" Is Pretty Low (lesswrong.com)

1 points by optimalsolver 12m ago 0 comments

Hardest problems in maths, physics and future of AI (youtube.com)

1 points by nsoonhui 13m ago 0 comments

Trying to Stop Procrastination with My Thermal Receipt Printer (joeldare.com)

1 points by codazoda 15m ago 0 comments

AI agent lethal trifecta: private data, untrusted content, exfiltration vectors (simonwillison.net)

1 points by simonw 15m ago 0 comments

Google reportedly plans to cut ties with Scale AI (techcrunch.com)

1 points by paxys 15m ago 0 comments

Just Send Record (apps.apple.com)

1 points by zahirbmirza 15m ago 0 comments

Decomposing iOS Builds and Tracking Size Changes over Time Locally (dotipa.app)

1 points by elpakal 16m ago 0 comments

3D printable 6" f/5 compact travel telescope model (printables.com)

1 points by chantepierre 17m ago 2 comments

How LLMs Know When to Stop Talking? (louisbouchard.ai)

1 points by Capstanlqc 19m ago 1 comments

Rust compiler performance survey 2025 (blog.rust-lang.org)

1 points by mikece 20m ago 1 comments

Slack (2017) (thezvi.wordpress.com)

1 points by eamag 21m ago 0 comments

EU plans ban on new Russian gas contracts using trade law (ft.com)

5 points by toomuchtodo 22m ago 2 comments

End of Windows 10 is approaching, so it's time to consider Linux and LibreOffice (blog.documentfoundation.org)

6 points by speckx 23m ago 1 comments

Meteus – One API to Post on Instagram, TikTok, Pinterest, and More (meteus.dev)

1 points by meyusufdemirci 24m ago 1 comments

Ask HN: Would your team use a zero-mutation CLI to audit Kubernetes RBAC access?

1 points by tutran-se 25m ago 0 comments

Overclocked: An Archive of Graphics Card Box Art (lockbooks.net)

2 points by thenthenthen 25m ago 1 comments

Finding Private Information Through Resumes on Google Search (nelson.cloud)

1 points by nelsonfigueroa 27m ago 0 comments

Mac Mini Service Program for No Power Issue (support.apple.com)

1 points by doener 29m ago 0 comments

Revealing Political Bias in LLMs Through Structured Multi-Agent Debate (arxiv.org)

1 points by rntn 30m ago 0 comments

WhatsApp is getting ads using personal data from Instagram and Facebook (noyb.eu)

3 points by ThePhysicist 30m ago 0 comments

Merrypopins a Library for Nanoindentation (mnky9800n.substack.com)

1 points by mnky9800n 32m ago 0 comments

Ask HN: How do I market to consumers as a solo dev about to go to uni?

2 points by Alex-Programs 32m ago 4 comments

Crypto group Tron to go public after U.S. pauses probe into billionaire founder (ft.com)

2 points by cempaka 35m ago 0 comments

Trump Organization enters phone market with $499 Trump Mobile device (reuters.com)

6 points by jayknight 35m ago 2 comments

Apollo 11 Technical Crew Debriefing – Tape 3 [video] (youtube.com)

1 points by pgreenwood 35m ago 0 comments

Engineers at our startup don't build features anymore

1 points by s4293918 37m ago 0 comments

Replace Your Gmail Password Now, Google Tells 2B Users (forbes.com)

2 points by thunderbong 37m ago 1 comments

Breaking Murphy's Law (breakingmurphyslaw.com)

1 points by bookofjoe 39m ago 0 comments

Ask HN: How do you handle an employee who complies but never delivers?

4 points by tropicalfruit 41m ago 6 comments

Gbadev.org (gbadev.org)

1 points by ibobev 43m ago 0 comments

How Storytelling Fixed My Broken User Experience (eonurk.com)

1 points by celltalk 43m ago 0 comments

My grandparents chose to die together, the end chapter of love spanning 70 years (theguardian.com)

2 points by NaOH 43m ago 1 comments

Tyme+ – The Everyday App (tyme.today)

1 points by tymelabs 45m ago 2 comments

Summary of Heroku June 10 Outage (heroku.com)

1 points by dakull 46m ago 0 comments

Use AI to Get Your Time Back (algarch.com)

2 points by jdalton 49m ago 1 comments

Believing you only have one option is dangerous (clearerthinking.org)

7 points by gmays 57m ago 0 comments

GitHub metrics are lying to you (threadsafe.dev)

1 points by ruairidhwm 58m ago 0 comments

Video Game Controllers (plover.wiki)

1 points by tosh 1h ago 0 comments

How NOT to become a VP – 24 wrong steps on a journey (markgreville.ie)

2 points by gHeadphone 1h ago 0 comments

ChatMultiAI: Browser extension, send prompts to multiple providers at once (github.com)

1 points by gavinray 1h ago 1 comments

Show HN: LegitURL: Assess the trustworthiness of unknown links

2 sigbyte 0 6/16/2025, 1:37:19 PM
We’re in a strange place online where scam and legit links often look identical in their infrastructure and behavior. Fast development cycles, missing headers, lazy security configs, it’s hard to tell who’s careless and who’s malicious.

Even well-known websites ship with broken HTML, sketchy inline scripts, missing HSTS, or sloppy cookies.

That makes it harder for everyone, tech-savvy or not, to assess whether an unknown link is safe, especially with AI-generated scams on the rise, e.g., trap page —> auto-redirect stray clicks to legit site.

I built LegitURL to reveal subtle signals that might otherwise go unnoticed.

What it does:

LegitURL (Swift / iOS, open-source): – Runs offline: parses URL components, flags homograph attacks, entropy spikes, scammy terms – Sends a single stripped GET request (no cookies, no query) to analyze: – Silent or shady redirects (even without a Location header) – TLS cert sanity (CN/SAN match, freshness, sketchy intermediates) – Missing, broken, or contradictory CSP/HSTS headers – Cookie flags, expiry, tracking IDs – HTML structure: stripped comments, <script> tag analysis

All signals are shown transparently. You can export a PDF for humans or a JSON report for LLMs.

It’s not a malware detector or blacklist checker, it’s a structural/behavioral analyzer.

Fully on-device. Most links resolve in under 2s depending on latency.

Links – GitHub (repo + GIF demo): https://github.com/sigfault-byte/LegitURL – App Store (free / no-account): https://apps.apple.com/fr/app/legiturl/id6745583794

Still a WIP, some heuristics need tuning and edge cases are being discovered.

Would appreciate any feedback: – Are any signals missing or too strict? – UI ideas or improvements?

Thanks.

Comments (0)

No comments yet