online / endpoints 139 / categories 19 / rate 60/min/ip /
catastrophic.io
hub · privacy

Privacy

What this site logs (almost nothing), what Cloudflare logs (the usual), and what cookieless analytics measures.

This site is designed to leak as little information about its users as possible. There are no accounts and no cookies set by the site. The only script loaded from a different origin is Cloudflare’s cookieless analytics beacon, described below. There are no tracking pixels and no other third-party scripts on any page.

What this site logs

Nothing about your requests is logged or retained by this site. Specifically:

  • Request bodies are not read, parsed, or stored.
  • Request headers are not logged (a few are inspected to decide what to return — for example, Accept for content negotiation — but they are not retained).
  • Query parameters are not logged.
  • IP addresses are not stored by this site. They pass through the rate limiter as ephemeral keys and are discarded.

A small amount of operational state is kept in Cloudflare’s edge key-value storage: per-endpoint usage counters and a circuit-breaker status. This state is aggregate and does not include any per-request identifiers.

What Cloudflare logs

This site runs on Cloudflare’s edge network, which means Cloudflare sees every request before this site does. Cloudflare retains standard edge access logs for its own operational, security, and billing purposes:

  • Source IP address
  • Request method, path, and approximate timing
  • Response status code and size
  • User agent and Referer headers
  • TLS handshake metadata

These logs are governed by Cloudflare’s privacy policy, not this one. The operator of this site does not have direct access to raw Cloudflare logs beyond the aggregate dashboards Cloudflare provides.

Cookies

This site does not set any cookies. Cloudflare may set its own operational cookies (for example, __cf_bm for bot management) at the edge. Those are governed by Cloudflare’s privacy policy.

Analytics

This site uses Cloudflare Web Analytics in cookieless mode across all four hostnames (catastrophic.io, chaos.catastrophic.io, not.catastrophic.io, bots.catastrophic.io). The beacon script is loaded from static.cloudflareinsights.com and is the only third-party script on the site.

What is captured, per pageview:

  • Page URL and the referring URL, if any
  • Browser, operating system, and screen size
  • Country (sometimes city, in regions where Cloudflare provides that resolution)
  • Page load timing metrics
  • A page-load counter

What is not captured:

  • No cookies are set, by this site or by the analytics beacon
  • IP addresses are not exposed in the analytics dashboard
  • No cross-site tracking — the analytics site is scoped to the four hostnames listed above
  • No browser fingerprinting
  • Nothing that ties one pageview to another from the same visitor

Aggregated data is retained by Cloudflare for roughly six months. The operator of this site sees only what the Cloudflare Web Analytics dashboard exposes — no raw event stream, no per-visitor records.

If a different analytics provider is ever added (for example, Google Analytics), this page will be updated before it goes live, and the relevant disclosure and consent mechanisms will be added at that time.

Custom endpoints (BYO schema)

Custom endpoints created via the playground store the submitted schema in temporary edge storage for up to 10 minutes for the endpoint identifier and up to 1 hour for the shared schema cache. Stored data:

  • The schema as submitted (so the endpoint can keep responding)
  • An AI-generated example body matching that schema
  • A 10-character endpoint identifier
  • An HMAC of your IP address (for the IP-pin access control; never the raw IP)

When your endpoint expires, all stored data is removed automatically. Consumer requests to your endpoint are not logged — same posture as every other endpoint on the site.

Contact

There is no email address published for this site. A contact form may be added in the future. Until then, the appropriate way to report a problem is to stop using the service.

Changes

This policy can change. The version in effect is the one published here at the time of your request. Material changes to data collection (such as enabling analytics) will be reflected here before the change takes effect.

Last updated: 2026-05-15.