Skip to case study
PK® / Case study

Independent product case study / Website evidence preflight

SceneCraft

Inspect what is available. Keep everything else unknown.

SceneCraft examines a submitted public website through bounded HTML retrieval, registration context, malware-filter DNS, available response headers, and explainable heuristics—then makes coverage gaps and manual next steps part of the result.

Input
Website name, domain, or public URL
Modes
Full public-page audit or partial domain evidence
Signal ruleset
Version 0.2 · deterministic rules
System boundary
Directional analysis, never certification

01 / Brief

A decision, not a dashboard.

Problem

A missing page response should not become a false verdict.

Public sites can redirect, block automated access, return non-HTML content, depend on client-side rendering, or expose only some supporting signals. A useful preflight has to separate observed evidence from unavailable evidence while resisting the temptation to collapse everything into one trust score.

Primary user

A person deciding what deserves deeper verification.

SceneCraft supports visitors and site makers who want an explainable first pass before opening a questionable destination, relying on its claims, or moving to browser, accessibility, security, and source-specific tools.

Ownership

End-to-end product work

  • Framed a preflight that separates technical readiness, accountability hints, references, and risk prompts.
  • Designed full, partial, blocked, interpreted-address, high-attention, and manual-verification states.
  • Implemented public-DNS validation, bounded redirect handling, HTML limits, rate limiting, and domain-level fallbacks.
  • Defined the signal ruleset, evidence ledger, prioritization rules, provenance links, and limitation language.

02 / Architecture

Evidence moves through a visible system.

Each stage has a bounded responsibility. The interface preserves source context and leaves the final judgment with the person using it.

  1. 01

    Resolve a public target

    Exact HTTP or HTTPS URLs are normalized; a single bare name may be interpreted as a .com address and is clearly surfaced for confirmation.

    Standard ports only · no embedded credentials · no direct IP targets
  2. 02

    Defend the fetch boundary

    The Worker runs in public-only fetch mode, while independent A and AAAA preflight checks reject private, mapped, documentation, multicast, and other reserved ranges. Every redirect destination repeats URL and DNS validation.

    Platform public-only routing + SSRF preflight on each hop · at most five redirects
  3. 03

    Retrieve bounded evidence

    The route streams at most two megabytes of HTML, retries selected upstream server failures once, recognizes common browser challenges, and only uses a www fallback on the same registered domain.

    Timed attempts · bounded body · static public HTML only
  4. 04

    Inspect independent signal groups

    When HTML is available, SceneCraft checks metadata, crawl hints, accessibility basics, social fields, delivery signals, page context, accountability hints, external references, form destinations, and text patterns.

    Page evidence + IANA-discovered RDAP + malware-filter DNS + MDN Observatory
  5. 05

    Return coverage with judgment aids

    Full results include grouped technical scores and prioritized repairs. Partial results omit unavailable page scores, label unknowns, show completed signal groups, and route the person to independent checks.

    At most five prioritized actions · manual ICANN, Safe Browsing, and FTC paths

03 / Product decisions

The constraints shape the experience.

Tradeoffs made visible

Static inspection over browser emulation

The route is fast and bounded, but JavaScript-only content may not appear. SceneCraft says so and links to browser-capable tools instead of presenting static HTML as complete coverage.

Heuristics over a universal truth score

Search, accessibility basics, social, and delivery checks use visible deterministic rules. Accountability and reference scores count public hints; they do not establish ownership, reliability, or truth.

Helpful inference with explicit confirmation

Interpreting a single name as a .com lowers input friction, but the chosen address is shown back to the user and the outgoing site link stays gated until the interpretation is confirmed.

Failure is a designed state

HTML is blocked, unavailable, unsupported, or too large

The system switches to partial mode. Search, sharing, accessibility, form, and page-content conclusions are not scored; domain registration, malware-filter DNS, headers, and available security evidence remain separately labeled.

A target crosses a network safety boundary

Private or reserved destinations, direct IPs, embedded credentials, nonstandard ports, unsupported protocols, and unsafe redirect resolutions are rejected before page analysis.

A live dependency does not respond

Each signal group records whether it completed. Unavailable RDAP, DNS-filter, page, or Observatory evidence lowers coverage rather than becoming a pass or a legitimacy conclusion.

04 / Evaluation

What the system should be tested against.

This is the evaluation surface documented by the implementation—not a claim that every target has already been met.

01

False-positive control

Test benign educational content alongside suspicious phrasing, especially scam guidance that quotes payment or urgency patterns without making the request itself.

02

Fetch-boundary safety

Exercise private IPv4 and IPv6 ranges, mapped addresses, redirect hops, credentialed URLs, unsupported ports, oversized HTML, and same-domain fallback boundaries.

03

Coverage honesty

Verify that blocked, challenged, non-HTML, timed-out, and dependency-unavailable cases expose only completed evidence and never award missing page signals.

04

Explanation usefulness

Review whether each finding shows what was observed, why it matters, what to check next, and which independent source can confirm it without implying certification.

05 / Provenance

Every conclusion keeps its source boundary.

Registration

IANA-discovered RDAP

SceneCraft discovers the appropriate RDAP service and labels whether a registration record applies to the audited domain or only to a hosting parent.

Source ↗
DNS context

Cloudflare malware-filter DNS

One hostname-level DNS filter is checked at audit time. A non-block is explicitly not presented as a URL reputation scan or a general safety result.

Source ↗
Headers

MDN HTTP Observatory

Available Observatory grades supplement the route’s own response-header observations and link to the public details for deeper review.

Source ↗
Interpretation

SceneCraft signal ruleset v0.2

Technical scores, accountability hints, external-reference hints, risk patterns, source availability, and priority actions are calculated by local deterministic rules with their limitations visible.

Internal logic

Implementation note

Last verified from source

This case study was checked against the current SceneCraft client, /api/site-audit route, and signal ruleset v0.2 on this date. Every live run records its own audit timestamp; public pages, registrations, DNS responses, and Observatory results can change after that moment.

See the system under real conditions

Try SceneCraft.

Open live demo