← Back to browse

Noctral

Receita, anuncios, creators e sinais reais para encontrar oportunidades validadas antes de construir.

Added July 17, 2026 · Last analysed July 17, 2026 · via · 60% unique tagline

StackScope is a free public catalogue of indie launches. We find launches on Product Hunt, Hacker News and similar feeds, then crawl each site to detect its tech stack and score it for launch readiness: DNS, security headers, SEO basics. This page is what we saw on 17 July 2026; the live site may have changed since.

Noctral has the basics covered well, with a complete set of security headers, a thorough launch checklist, and clean crawl signals. Worth fixing first: incomplete legal pages and no email security records.

Launched on Product Hunt on July 16, 2026. The site is hosted on Vercel, with a domain registered 10 weeks before launch. Our crawler found 20 technologies on this site, covering analytics, advertising, baas, and CSS frameworks. The stack includes Next.js, React, and Tailwind CSS.

It's also running the same core stack as 10,661 other launches and tighter on security headers than most Product Hunt launches.

If you own this site, refresh the snapshot and see the full fix list any time →

Vibe Score 20 · Few AI signals
How much the site looks AI-generated. Informational pattern-match signal, not a verdict. Does not feed the StackScope Score. See which fingerprints fired →

Tech Stack (20) · Indie stack

Infrastructure
DNS HostGator DNS
Hosting Vercel
Security HSTS
Build & Framework
BaaS Supabase
CSS framework Tailwind CSS
Font Fontshare
Framework React
Meta-framework Next.js (6)
Mobile Apple App Store
UI library Lucide Icons
Video YouTube
Analytics & Marketing
Advertising Bing Ads
Google Ads (4)
Analytics Google Analytics (3)
Himetrica (3)
Microsoft Clarity
PostHog (2)
SEO Google Search Console
Social Google Search
Tag management Google Tag Manager (2)

Infrastructure

Network
AS16509 · US
DNS
HostGator DNS
Authoritative nameserver
DNSSEC
Not enabled
DNS responses unsigned. Cache-poisoning vulnerable.
Green hosting
Not green hosted
No green-energy record. Data from The Green Web Foundation.
SSL Certificate
Let's Encrypt
Valid 7 Jul 2026 to 5 Oct 2026
Certificate as captured in this snapshot, not a live check.
Domain Age
2 months
Registered May 2026 · PDR Ltd. d/b/a PublicDomainRegistry.com

Email Security

SPF Not published. Your domain can be spoofed in phishing emails.
?
DKIM Not detected at common selectors. Your provider may use a custom one.
DMARC Not published. Receivers fall back to permissive defaults.
?
MTA-STS Not deployed. Mail to your domain can be downgraded to plaintext en route.
?
TLS-RPT Not configured. You won't hear about silent SMTP TLS handshake failures.

Storage (8)

Cookies (2)
NameLifetimeDetected as
NEXT_LOCALE 1y Next.js
_gcl_au 2mo Google Ads
Local storage (3)
KeySizeDetected as
hm_config 72 B -
hm_visitor_id 36 B -
_gcl_ls 277 B Google Ads
Session storage (3)
KeySizeDetected as
hm_original_referrer 0 B -
hm_session_id 36 B -
hm_session_timestamp 13 B -

Readiness Breakdown How?

Custom title and meta description
Open Graph tags (title, image, description)
Twitter card meta tags
Canonical URL declared
Responsive viewport meta tag
Favicon present
Semantic HTML (nav, main, article)

Performance How?

1051 ms Server response
10% Faster than peers
2288 ms Largest contentful paint
0.01 Cumulative layout shift
3.5 MB Page weight
580 KB Image weight
12 Third-party domains
0 Console errors
0 Failed requests

51 images: 33 oversized, 46 without width/height, 44 missing alt text

Indicative grade from a single automated render, not a substitute for Lighthouse or field data, and not part of the StackScope score.

Vibe Score Breakdown How?

SignalPoints
AI palette signals +5
AI writing signals +5
AI stack signals +10

This score is based on structural patterns and is not definitive. Many legitimate sites may trigger signals, and AI-built sites may go undetected. It should be treated as an indicator, not a verdict.

AI Stance

Welcomes AI crawlers
llms.txt published
No AI bots blocked in robots.txt
? No directive declared
? None advertised

Well-Known Files

robots.txt
sitemap.xml (38 URLs)
security.txt
llms.txt
ads.txt
humans.txt
? Privacy Policy not detected
? Terms of Service not detected
? Analytics present, but it set no tracking cookies on our visit (it may be opt-in-gated).
Detection works best on English language sites.

Security Headers (6/6)

Permissions-Policy experimental (check browser support)
Content-Security-Policy ⚠ CSP violation detected: your policy is blocking 1 of your own resource
X-XSS-Protection deprecated (use Content-Security-Policy)

Build

Code splitting
19 JS files
2 CSS files
12 Third-party domains

Brand Colours

Something not look right? If a technology shown here is wrong or out of date, email [email protected] and we'll review it.