damned.wtf  /  legal

Terms of Service

Last updated: June 23, 2026  —  Effective upon access or use.

These Terms of Service apply to all websites and pages operated under the Operator's domain, including damned.wtf and all its subpaths — /lol, /infosec, /tos, /privacy — and any related static pages the Operator may host. By accessing or using any part of the Site, you agree to these Terms. If you disagree, do not use the Site. These Terms, together with the Operator's Privacy Policy, govern your relationship with the Operator of damned.wtf — a single private individual — regarding your use of the Site.

Definitions

The following terms have the meanings set out below throughout these Terms and the Privacy Policy:

  • "Site" — damned.wtf and all its subpaths, including but not limited to /infosec, /lol, /tos, /privacy, and any other static or client-side pages hosted under the same domain.
  • "Operator" — the private individual who owns and controls the damned.wtf domain. This is a personal, non-commercial project with no registered legal entity.
  • "Content" — all text, code, guides, images, audio, and any other material served from the Site.
  • "Third-Party Service" — any external website, API, tool, or resource not owned or controlled by the Operator, including but not limited to Mullvad, Bitwarden, haveibeenpwned.com, VirusTotal, and Cloudflare.
  • "Educational Purpose" — personal, non-commercial study and general awareness-raising. Using any tool or technique described here to gain unauthorised access to systems, conduct surveillance, or perform any illegal act is expressly excluded from this definition and constitutes a violation of these Terms regardless of any claimed educational intent.
  • "You" / "User" — any person who accesses or uses any part of the Site, regardless of whether they have read these Terms.
  • "Use" — accessing, browsing, reading, running, applying, or otherwise interacting with the Site or any Content in any way.

Acceptance of Terms

By accessing or using any page under the Site — including damned.wtf/infosec, damned.wtf/lol, and all other subpaths — you confirm that you have read, understood, and agree to be bound by these Terms in full. Your use of the Site constitutes your acceptance. If you do not agree, you must immediately stop using the Site.

These Terms apply to all users regardless of how they access the Site (direct URL, link, embed, search engine, or otherwise). Lack of awareness of these Terms is not a defence. Continued access after any revision constitutes your acceptance of the updated version.

Nothing in these Terms excludes, limits, or waives any right, remedy, warranty, or liability that cannot lawfully be excluded, limited, or waived under applicable law — including mandatory consumer-protection and data-protection rights in your country of residence. Where any clause conflicts with such mandatory rights, those rights prevail and the rest of these Terms continue to apply.

These Terms, together with the Privacy Policy, govern your relationship with the Operator regarding your use of the Site.

Nature of the Service

static content — bot-check gate only

The Site provides static, client-side educational content, served directly to your browser. The only server-side processing is a one-time human-verification check (Cloudflare Turnstile) that gates access to keep automated bots out. There are no user accounts, no data persistence, and no tracking implemented or controlled by the Operator.

  • All Site content consists of static pages served directly to your browser.
  • The only backend is a lightweight edge function that runs the human-verification check. There is no database, no username/password login, and no analytics platform operated by the Operator.

Eligibility

You must meet the minimum age applicable in your jurisdiction — see §14 for jurisdiction-specific requirements. The content on the Site is technical and educational in nature; it assumes a baseline understanding of web technologies.

By using the Site, you represent that you meet the applicable age requirement in your jurisdiction.

Acceptable Use

All content on the Site is provided strictly for personal, educational, and informational purposes.

The following are prohibited, without limitation:

  • Use the Site for any illegal or unauthorised purpose.
  • Attempt to abuse, overload, or attack the hosting infrastructure or CDN.
  • Scrape, crawl, or automate access in ways that impair Site availability for others.
  • Apply content or techniques described here against systems, networks, or devices you do not own or lack explicit written permission to test. "Explicit written permission" means documented authorisation (e.g. email, signed agreement) from the owner — verbal, implied, or assumed consent does not qualify.
  • Use anything on the Site to circumvent security controls you are not authorised to circumvent, or to facilitate surveillance.
  • Redistribute or commercially exploit the content without explicit permission.
Some prohibited conduct may also violate criminal or civil computer-misuse laws, including the Computer Fraud and Abuse Act (CFAA, US), the UK Computer Misuse Act, and similar laws elsewhere. The offence arises from the conduct itself, not from breach of these Terms. You are solely responsible for ensuring your use complies with all applicable local laws.

Educational Purpose & Important Disclaimers

All content is provided strictly for educational and awareness purposes only. Nothing on the Site constitutes professional security, legal, or technical advice. Do not rely on it as a substitute for professional consultation.

  • The Site is not a security tool, privacy tool, or any form of protective software. Reading this content does not make you safer online.
  • Information on the Site may become outdated or inaccurate over time and should not be treated as authoritative or complete.
THE SITE IS PROVIDED "AS IS" WITH NO WARRANTIES OF ANY KIND — EXPRESS OR IMPLIED — INCLUDING BUT NOT LIMITED TO WARRANTIES OF ACCURACY, RELIABILITY, COMPLETENESS, SECURITY, OR FITNESS FOR ANY PURPOSE. THE OPERATOR (A SINGLE PRIVATE INDIVIDUAL) DISCLAIMS ALL LIABILITY TO THE FULLEST EXTENT PERMITTED BY LAW FOR ANY DAMAGE, LOSS, CLAIM, OR CONSEQUENCE — DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE — ARISING FROM USE OF, RELIANCE ON, OR INABILITY TO USE THE SITE OR ITS OUTPUTS.

Limitation of Liability

The Site and all content are provided "as is" and "as available" without warranties of any kind, express or implied.

To the maximum extent permitted by applicable law, the Operator of damned.wtf — a single private individual operating a personal, non-commercial educational site with no registered legal entity — shall not be liable for any direct, indirect, incidental, special, consequential, or exemplary damages arising from your use of or inability to use the Site — including reliance on any information presented here.

You use this Site entirely at your own risk, and the Operator owes you nothing for it. The Site is and always has been free — no payment, subscription, fee, or consideration of any kind is required or solicited — and to the fullest extent permitted by applicable law, the Operator excludes all liability for any loss, damage, or consequence arising from your use of or reliance on the Site, regardless of the theory of liability (contract, tort, negligence, statute, or otherwise) and regardless of whether the Operator was warned such loss was possible. The only liability not excluded is liability that cannot lawfully be excluded — such as for fraud, wilful misconduct, or death or personal injury caused by negligence — because no document can waive those.

All information on this Site is provided on an "as-is" basis and may contain inaccuracies, omissions, or errors at the time of publication or later — the Operator makes no warranty that any information is accurate, complete, or current.

Third-Party Content & Requests

Any external requests made while using the Site (e.g. clicking links to third-party services) are initiated directly from your browser. The Operator does not proxy, intercept, log, or receive any data from these requests.

The Operator is not responsible for the availability, accuracy, privacy practices, or content of any third-party site or service. Requests to third parties are governed solely by those parties' own terms and policies.

Your browser or network will send standard HTTP headers (IP address, user agent, referrer) to the Operator's hosting provider or CDN (e.g., Cloudflare) for delivery and caching purposes. This is standard web infrastructure behaviour outside the Operator's direct control. Refer to your hosting or CDN provider's privacy policy for their logging and data retention practices.

Intellectual Property

All original content, code, and design on damned.wtf is the property of the Operator unless otherwise noted. You may view and reference content for personal and educational use.

You may not reproduce, redistribute, or commercially exploit any content from the Site without explicit written permission. Third-party libraries, fonts, and services used on the Site retain their respective licences and ownership.

Changes to These Terms

The Operator may update these Terms at any time without prior notice. The "Last updated" date at the top of this page reflects the most recent revision. Non-material changes take effect immediately upon posting. If a material change is ever made, it will be made clearly visible on this page.

Continued use of any part of the Site after a revision constitutes your acceptance of the updated Terms. Checking this page periodically is your responsibility.

Governing Law

These Terms are governed by the laws applicable in the jurisdiction where the Operator is habitually resident, subject to any mandatory provisions of the law of the user's country of residence that cannot be excluded by agreement.

For the avoidance of doubt, nothing in these Terms is intended to (nor can it lawfully) deprive you of the benefit of any mandatory consumer-protection, data-protection (including GDPR / UK GDPR), or other rules that apply under the law of your habitual residence and cannot be derogated from by contract.

Indemnification

To the extent permitted by applicable law, you agree to indemnify the Operator of damned.wtf — a single private individual — against third-party claims, liabilities, damages, losses, costs, and expenses (including reasonable legal fees) arising out of:

  • Your unlawful conduct in connection with the Site or its content.
  • Your unauthorised access to or use of any third-party system.
  • Your violation of these Terms.
  • Your misuse of any information provided on the Site.

This obligation survives termination of your access to the Site and these Terms, to the extent permitted by applicable law.

Severability

If any provision of these Terms is found to be invalid, illegal, or unenforceable under applicable law, that provision shall be modified to the minimum extent necessary to make it enforceable, or severed if modification is not possible.

The invalidity or unenforceability of any single provision shall not affect the validity or enforceability of the remaining provisions, which shall continue in full force and effect as if the invalid provision had never been included.

No Waiver

The Operator's failure to enforce any right or provision of these Terms on any occasion shall not constitute a waiver of that right or provision going forward. No waiver of any term shall be deemed a further or continuing waiver of that term or any other term.

Any waiver must be made explicitly and in writing to be effective. Prior non-enforcement of these Terms does not create any expectation of continued non-enforcement.

Age Requirements by Jurisdiction

The minimum age to use the Site without parental supervision varies by jurisdiction. You represent that you meet the applicable minimum in yours:

  • United States (COPPA): The Site is not directed to children under 13, and the Operator does not knowingly collect personal information from children. The FTC's amended COPPA Rule had an effective date of June 23, 2025, with a compliance deadline of April 22, 2026 for regulated entities.
  • European Union / EEA (GDPR Art. 8): The digital-consent age is 16, or the lower national threshold set by your member state (no lower than 13) where applicable.
  • United Kingdom (UK GDPR): The digital-consent age is generally 13. Services likely to be accessed by children may also need to consider the UK Age Appropriate Design Code.
  • All other jurisdictions: You must meet the minimum digital consent age applicable in your country. If no specific threshold applies, you must be at least 13.

Users under 18 in any jurisdiction should use the Site only with the knowledge and consent of a parent or legal guardian. By using the Site, you represent that you satisfy the applicable age requirement.

Privacy

Your use of the Site is also governed by the Operator's Privacy Policy, which is incorporated into these Terms by reference. In short: the Operator runs no accounts, analytics, advertising, or tracking, and keeps no user records beyond a strictly-necessary human-verification check. Limited technical data is processed by infrastructure providers (e.g. Cloudflare) to deliver and protect the Site, as described in the Privacy Policy.

Release of Claims & Covenant Not to Sue

This Site is a personal notebook made public for educational purposes — nothing more. Your use of the Site is voluntary and at your own risk. To the fullest extent permitted by law, you waive claims against the Operator arising from your reliance on general educational content found or linked here, except where such waiver is not permitted by applicable law. This waiver does not affect claims arising from the Operator's fraud or wilful misconduct, or any rights that cannot lawfully be waived.

In particular, you accept that you use the Site at your own risk with respect to:

  • Information, advice, or techniques described or linked on the Site, whether accurate or not.
  • Any outcome resulting from applying, misapplying, or relying on anything found here.
  • The availability, uptime, or accuracy of the Site.
  • Any third-party service, tool, or resource referenced or linked from the Site.
  • Your own actions taken in response to content on the Site.
This is a free, personal, educational resource — equivalent to someone sharing their notes. You use it entirely at your own risk and with your own judgement. The Operator is an individual sharing information, not a business providing a professional service, and accepts no liability whatsoever for how this material is read, interpreted, or acted upon.

Law Enforcement & Legal Process

The Site is a static, client-side educational resource operated by a private individual, fronted only by a bot-check gate. The Operator has no visibility into, control over, or stored records of any user's actions, identity, or behaviour — because no such data is collected or retained by the Operator. The verification cookie is a stateless signed token held only in your own browser, of which the Operator keeps no copy.

By accessing the Site, you acknowledge and agree that:

  • Any misuse of information found on the Site is solely your own responsibility. The Operator does not authorise, encourage, direct, or participate in any unlawful use of the Site's content.
  • The Operator is the publisher of general educational material only — equivalent to a textbook author or library — and is not responsible for how readers independently choose to apply that material.
  • The Operator does not intentionally maintain user accounts, analytics profiles, or application-level user logs. The verification cookie is a stateless signed token held only in your own browser.
  • The Operator will respond to valid legal process as required by applicable law, and will produce only records actually within the Operator's possession, custody, or control.

In response to a valid subpoena, court order, or law enforcement request, the Operator can only produce records it actually holds. The Operator does not keep server-side user accounts, analytics, or application-level browsing logs. Infrastructure providers (e.g. Cloudflare hosting/CDN) may independently process and retain technical data — such as IP address, user agent, and bot-detection signals — under their own policies and retention practices, and requests for that data should be directed to them.

Assumption of Risk

Your use of the Site and any information found here is entirely voluntary. To the fullest extent permitted by applicable law, you assume the risks associated with that use — including but not limited to:

  • Relying on information that is incomplete, inaccurate, outdated, or misunderstood.
  • Applying any technique or recommendation in a context it was not intended for.
  • Any legal, financial, reputational, technical, or personal consequences arising from your actions.
  • Exposure to security or privacy risks inherent in browsing any website.
  • Any harm arising from third-party tools or services referenced or linked here.

The Operator makes no representation that use of this Site is appropriate, safe, or lawful in your jurisdiction. You bear the entire risk as to the quality, accuracy, and performance of anything provided here. All information on this Site may contain inaccuracies, omissions, or errors at the time of publication or later — you are solely responsible for verifying any information before acting on it. This assumption of risk does not apply to claims arising solely from the Operator's proven fraud or wilful misconduct.

Termination & Right to Restrict Access

The Operator reserves the right, at sole discretion and without prior notice, to:

  • Restrict, suspend, or terminate access to the Site or any part of it — for any reason or no reason.
  • Block IP addresses, networks, or user agents that are scraping, crawling, DDoS-ing, or otherwise abusing the Site or its hosting infrastructure.
  • Remove, modify, or take down any content or page at any time without notice or explanation.
  • Discontinue the Site entirely without notice or liability.

You have no right to continued access. Termination of your access does not relieve you of any obligations or liabilities incurred under these Terms prior to termination. All provisions that by their nature should survive — including but not limited to §11, §16, §17, §18, and §21 — remain in full force after termination.

Survival of Terms

The following sections of these Terms survive indefinitely after you stop using the Site, after any termination of access, and regardless of any future revision to these Terms:

  • §5 — Educational Purpose & Important Disclaimers
  • §6 — Limitation of Liability
  • §11 — Indemnification
  • §12 — Severability
  • §13 — No Waiver
  • §16 — Release of Claims & Covenant Not to Sue
  • §17 — Law Enforcement & Legal Process
  • §18 — Assumption of Risk
  • §21 — No Agency or Professional Relationship
  • §23 — No Anonymity & No Security Guarantee

Additionally, the following sections of the Privacy Policy survive indefinitely: §02 (Information Collected), §05 (Data Sharing & Third Parties), §10 (Disclaimer of Warranties & Liability), §18 (No Anonymity & No Security Guarantee), §19 (Law Enforcement & Legal Process), and §20 (Indemnification & Survival).

Your agreement to these surviving provisions is irrevocable and cannot be undone by ceasing use of the Site or by the passage of time.

No Agency or Professional Relationship

Nothing on the Site — and nothing arising from your use of it — creates any professional, advisory, fiduciary, or contractual relationship beyond your acceptance of these Terms.

  • The Operator is not your lawyer. Nothing here is legal advice.
  • The Operator is not your security consultant. Nothing here is a professional security assessment, penetration test, or audit.
  • The Operator is not your IT advisor. Nothing here constitutes professional technical guidance tailored to your systems or circumstances.
  • No agency, partnership, joint venture, employment, or franchise relationship is created between you and the Operator by these Terms or by use of the Site.
This is a personal notebook shared publicly. The Operator is a private individual, not a business, firm, or registered professional. Treat everything here the way you'd treat advice from a knowledgeable friend — useful for general awareness, but not a substitute for qualified professional consultation specific to your situation.

Right to Modify & Accuracy Not Guaranteed

The Operator reserves the right to modify, update, correct, remove, or discontinue any content or feature on the Site at any time and without prior notice. No specific version of any content is guaranteed to remain available.

  • Cybersecurity, browser APIs, privacy techniques, and threat landscapes evolve rapidly. Information that is accurate today may be outdated, superseded, or incorrect tomorrow.
  • The Operator makes no warranty that any content will remain current, complete, or correct at the time of your reading.
  • You are solely responsible for verifying any information before acting on it.

The "Last updated" date on this page reflects when the Terms were last revised — not when every piece of site content was last reviewed or verified.

No Anonymity & No Security Guarantee

THIS SITE DOES NOT PROVIDE ANONYMITY. THIS SITE DOES NOT PROTECT YOUR PRIVACY. THIS SITE IS NOT A SECURITY TOOL. NOTHING HERE WILL MAKE YOU HARDER TO TRACK, SAFER ONLINE, OR LESS IDENTIFIABLE TO ANY THIRD PARTY.

To be explicit:

  • The cybersecurity education guide at /infosec provides general awareness information only — reading it does not protect you.
  • Using the Site does not activate any privacy protection, tracking prevention, or anonymisation.
  • The Site is not a VPN, proxy, Tor relay, ad blocker, tracker blocker, or any form of privacy-enhancing technology.
  • The infosec guide provides general awareness information only — following it does not guarantee your security or privacy.
  • The Operator makes no representation that any technique or recommendation described here will be effective against any specific threat, adversary, or tracking method.

If you came here believing the Site would protect you or make you anonymous — it will not. You are solely responsible for your own security and privacy posture.

The /infosec Guide — Specific Terms

The page at damned.wtf/infosec is a static, client-side cybersecurity education guide. The following clarifications apply specifically to that page:

  • Simulated login screen: The terminal-style loading screen and login form (USER_ID / AUTH_KEY) are purely cosmetic. No credentials are entered, validated, stored, or transmitted. The interface exists solely for aesthetic presentation.
  • No data collection: The guide itself collects no personal information and sets no cookies. The guide page makes no automatic network requests — the only outbound requests possible are those you explicitly trigger by clicking an external link. All guide content is served statically.
  • Third-party tool references: The guide mentions and links to external tools and services (such as Mullvad VPN, Bitwarden, haveibeenpwned.com, VirusTotal, and others) for general educational awareness only. Mentioning a tool is not an endorsement, recommendation, or warranty. Some referenced tools are designed to enhance privacy or anonymity — referencing them here does not mean this Site provides those capabilities. The Operator is not affiliated with, sponsored by, or responsible for any third-party service, and is not liable for how you use any tool you learn about here. Use all third-party services subject to their own terms, policies, and laws.
  • No professional advice: Nothing in the infosec guide constitutes professional security, legal, or technical advice. Guidance is general and educational. Your threat model, jurisdiction, and circumstances may differ significantly — consult a qualified professional for advice specific to your situation.
  • Content accuracy: Cybersecurity practices evolve rapidly. While the Operator aims to keep content current, no guarantee is made that any recommendation, tool, or technique described remains accurate, effective, or best practice at the time of your reading.
  • Optional audio: The page includes an optional background audio track. It is off by default and requires explicit user interaction to enable. No audio data is recorded or transmitted.
The infosec guide is designed to raise general security awareness. It is not a substitute for professional penetration testing, a security audit, or legal compliance review. Apply any techniques or recommendations only to systems and environments you own or have explicit permission to test.

Cookies & Browser Storage

The Operator sets a single strictly-necessary cookie, __Host-human_verified, after you pass the human-verification check. It holds only a signed, time-limited token so you are not re-prompted on every page, contains no personal data, and is never used for tracking, profiling, advertising, or analytics. The Operator sets no tracking pixels, beacons, or other persistent identifiers.

The Operator does not use localStorage, IndexedDB, or any other mechanism to store data about you between visits. Because the verification cookie is essential to providing the Site, no cookie consent banner is required for it under applicable law; no optional or non-essential cookies are set.

Your browser or CDN/hosting provider (e.g. Cloudflare) may set their own cookies or store infrastructure-level data independently of the Operator. Those are governed by their own policies, not the Operator's.

AI-Generated Content

The Site does not itself provide an AI system or automated decision-making service. Where content has been substantially assisted by or generated with AI tools, the Operator may label it as such as a voluntary transparency measure; this is a best-effort commitment and does not create an enforceable obligation. The EU AI Act entered into force on August 1, 2024 and is generally applicable from August 2, 2026, with exceptions. The Operator does not intend the Site to fall within AI Act obligations, but this statement does not limit any mandatory legal obligations that may apply if the Site's functionality or legal status changes.

The Site itself does not use machine learning, make predictions about individuals, or constitute automated decision-making with any legal or significant effect.

The Operator is not responsible for any AI-generated output you may produce using information or techniques described on the Site.

This material is provided strictly for educational purposes only.
Some information may be outdated or contain mistakes — the Operator is not responsible for inaccuracies.
The Operator does not encourage or condone illegal activity of any kind and is not responsible for how you use this information.

Always abide by the laws of your jurisdiction. If you believe you are a victim of cybercrime or encounter a situation beyond your control, seek help from the appropriate authorities immediately.
By using the Site you confirm: