Independent product case study / Website evidence preflight
SceneCraft
Inspect what is available. Keep everything else unknown.
SceneCraft examines a submitted public website through bounded HTML retrieval, registration context, malware-filter DNS, available response headers, and explainable heuristics—then makes coverage gaps and manual next steps part of the result.
A missing page response should not become a false verdict.
Public sites can redirect, block automated access, return non-HTML content, depend on client-side rendering, or expose only some supporting signals. A useful preflight has to separate observed evidence from unavailable evidence while resisting the temptation to collapse everything into one trust score.
Primary user
A person deciding what deserves deeper verification.
SceneCraft supports visitors and site makers who want an explainable first pass before opening a questionable destination, relying on its claims, or moving to browser, accessibility, security, and source-specific tools.
Ownership
End-to-end product work
Framed a preflight that separates technical readiness, accountability hints, references, and risk prompts.
Designed full, partial, blocked, interpreted-address, high-attention, and manual-verification states.
Implemented public-DNS validation, bounded redirect handling, HTML limits, rate limiting, and domain-level fallbacks.
Defined the signal ruleset, evidence ledger, prioritization rules, provenance links, and limitation language.
02 / Architecture
Evidence moves through a visible system.
Each stage has a bounded responsibility. The interface preserves source context and leaves the final judgment with the person using it.
01
Resolve a public target
Exact HTTP or HTTPS URLs are normalized; a single bare name may be interpreted as a .com address and is clearly surfaced for confirmation.
Standard ports only · no embedded credentials · no direct IP targets
02
Defend the fetch boundary
The Worker runs in public-only fetch mode, while independent A and AAAA preflight checks reject private, mapped, documentation, multicast, and other reserved ranges. Every redirect destination repeats URL and DNS validation.
Platform public-only routing + SSRF preflight on each hop · at most five redirects
03
Retrieve bounded evidence
The route streams at most two megabytes of HTML, retries selected upstream server failures once, recognizes common browser challenges, and only uses a www fallback on the same registered domain.
Timed attempts · bounded body · static public HTML only
04
Inspect independent signal groups
When HTML is available, SceneCraft checks metadata, crawl hints, accessibility basics, social fields, delivery signals, page context, accountability hints, external references, form destinations, and text patterns.
Full results include grouped technical scores and prioritized repairs. Partial results omit unavailable page scores, label unknowns, show completed signal groups, and route the person to independent checks.
At most five prioritized actions · manual ICANN, Safe Browsing, and FTC paths
03 / Product decisions
The constraints shape the experience.
Tradeoffs made visible
Static inspection over browser emulation
The route is fast and bounded, but JavaScript-only content may not appear. SceneCraft says so and links to browser-capable tools instead of presenting static HTML as complete coverage.
Heuristics over a universal truth score
Search, accessibility basics, social, and delivery checks use visible deterministic rules. Accountability and reference scores count public hints; they do not establish ownership, reliability, or truth.
Helpful inference with explicit confirmation
Interpreting a single name as a .com lowers input friction, but the chosen address is shown back to the user and the outgoing site link stays gated until the interpretation is confirmed.
Failure is a designed state
HTML is blocked, unavailable, unsupported, or too large
The system switches to partial mode. Search, sharing, accessibility, form, and page-content conclusions are not scored; domain registration, malware-filter DNS, headers, and available security evidence remain separately labeled.
A target crosses a network safety boundary
Private or reserved destinations, direct IPs, embedded credentials, nonstandard ports, unsupported protocols, and unsafe redirect resolutions are rejected before page analysis.
A live dependency does not respond
Each signal group records whether it completed. Unavailable RDAP, DNS-filter, page, or Observatory evidence lowers coverage rather than becoming a pass or a legitimacy conclusion.
04 / Evaluation
What the system should be tested against.
This is the evaluation surface documented by the implementation—not a claim that every target has already been met.
01
False-positive control
Test benign educational content alongside suspicious phrasing, especially scam guidance that quotes payment or urgency patterns without making the request itself.
02
Fetch-boundary safety
Exercise private IPv4 and IPv6 ranges, mapped addresses, redirect hops, credentialed URLs, unsupported ports, oversized HTML, and same-domain fallback boundaries.
03
Coverage honesty
Verify that blocked, challenged, non-HTML, timed-out, and dependency-unavailable cases expose only completed evidence and never award missing page signals.
04
Explanation usefulness
Review whether each finding shows what was observed, why it matters, what to check next, and which independent source can confirm it without implying certification.
05 / Provenance
Every conclusion keeps its source boundary.
Registration
IANA-discovered RDAP
SceneCraft discovers the appropriate RDAP service and labels whether a registration record applies to the audited domain or only to a hosting parent.
Technical scores, accountability hints, external-reference hints, risk patterns, source availability, and priority actions are calculated by local deterministic rules with their limitations visible.
Internal logic
Implementation note
Last verified from source
This case study was checked against the current SceneCraft client, /api/site-audit route, and signal ruleset v0.2 on this date. Every live run records its own audit timestamp; public pages, registrations, DNS responses, and Observatory results can change after that moment.