We are drowning in enshitified websites. Cloudflare automatically enshitifies ⅓ of the worlds websites. On top of that, there are countless shitty anti-human features that plague the web. Some of them just annoy, and some actually make the website unreachable or unusable to various demographics of people (such as Tor users).

Most infuriating is when a GOVERNMENT website intended to serve the public uses access restrictions (like Cloudflare) or does something else to exclude demographics of people who are entitled access. The Tor community can no longer access most websites of the EU.

What we need

We need an app that will:

• attempt to visit a webpage from multiple different networks (VPN, Tor, residential clearnet, and a variety of different geographic regions).
• try a variety of different user agent strings (cURL, wget, firefox, lynx).
• compare the content between non-erroneous payloads. A significant difference should raise flags. If there is much less content, it could perhaps be regarded as an access denial without error. (e.g. a page simply says: “we don’t serve .. (your kind of people)”). Some common phrases could be searched for.
• detect exclusive walled gardens like Cloudflare and Sucuri
• accessibility¹/enshitification check: whether the contact page imposes a GUI or Google CAPTCHA (¹in terms of people with impairments)
• open data check: whether the contact page discloses a street address or phone number.
• check whether the page functions with uMatrix (maybe this is not possible).
• check whether a privacy policy exists.
• check whether there is a popup blocker blocker (that blocks those who block popups/ads).

In the end, the app produces a checklist and concludes with a final result:

• ✔👍🎉 ❝The website under test is publicly accessible❞
• 🤷🫤 ❝The website under test is publicly accessible but dark patterns or similarly unsuitable/inappropriate anti-user mechanisms were detected. The website should be avoided.❞
• ❌ ❝The website under test is access-restricted or not entirely publicly accessible❞

The report could perhaps be timestamped, digitally signed by the entity running the app, and centrally recorded. Then concerned people among the public could use the report as an independent/authoritative source for claiming that a “public” resource is not actually public.