Available via:
Chrome Web Store
Microsoft Edge-Add-Ons
Firefox Add-Ons
uDomainFlag on GitHub
July 2013 - today
8k+ browser users per day
2.1+ million API requests per day
Live Statistics
...
req/s
Instant
Ø 60s
—
60s Peak (1h)
—
Ø 1h
—
Ø 1d
—
Languages and Technologies:
JavaScript (Browser Extension & WebApp)
Go (Backend)
PHP (Backend WebApp)
HTML/CSS (Browser Extension & WebApp)
SQL (MariaDB)
uDomainFlag is an open-source browser extension that automatically shows a country flag for the server location whenever you visit a website.
Clicking the flag reveals additional technical details such as location/region, the public IP address as seen by the server, operator/ASN information, and further metadata.
Real-world usage
uDomainFlag is actively used by several thousand users per day and processes millions of API requests daily.
The API is also integrated into third-party projects—for example, to display the geolocation of an IP address in admin interfaces (e.g., Mailcow).
History
Started in 2013 as a Chrome extension and continuously improved over the years with new features, modernization, and stability work.
January 2015: Version 1.0 – location detection based on the client IP address visible to the server during connection establishment.
July 2020: Version 2.0 – full rewrite for improved performance and reduced resource usage for Chrome, Firefox, and Microsoft Edge.
April 2021: Published the API specification to enable third-party integrations.
February 2024: Migrated to Manifest V3, including performance and security optimizations.
The complete change history is available at GitHub > Releases.
Backend & architecture
The primary data and lookup endpoint is dfdata.bella.network (formerly udfdata.unterhaltungsbox.com).
Starting with uDomainFlag 2.0, the server-side backend was migrated from PHP to Go. This significantly reduced CPU load and improved response times, optimizing the system for high request volumes.
The backend is intentionally designed to be stateless, enabling seamless deployments without service interruption.
Request flow, deployment & operations
Traffic flow: client → nginx (TLS termination) → HAProxy (Layer 7 health/response-time checks) → Go backend.
Releases are deployed automatically via GitLab CI and run under systemd. During deployments, HAProxy temporarily routes requests to a fallback instance (the previous version), enabling zero-downtime upgrades.
Browser clients implement a retry mechanism, so maintenance or server restarts typically result only in a short delay before the flag is displayed.
Resilience & observability
For disaster scenarios, a secondary standby server (reduced performance) is pre-provisioned and can take over via failover mechanisms (e.g., Cloudflare target switch / failover IP).
In addition, a Cloudflare-proxied fallback is available at udfdata.unterhaltungsbox.com. This has proven useful in real incidents such as ISP routing problems or content filtering.
Connectivity and stability are monitored via NEL (Network Error Logging), with reports delivered to a dedicated reporting backend.
Performance, availability, and resource utilization are monitored with checkmk including alerting.
With targeted query and lookup optimizations, the average API response time is ~50 ms (domain → IP resolution + geo lookup in MariaDB).
Details and backend changelog: dfdata.bella.network.
Clicking the flag reveals additional technical details such as location/region, the public IP address as seen by the server, operator/ASN information, and further metadata.
Real-world usage
uDomainFlag is actively used by several thousand users per day and processes millions of API requests daily.
The API is also integrated into third-party projects—for example, to display the geolocation of an IP address in admin interfaces (e.g., Mailcow).
History
Started in 2013 as a Chrome extension and continuously improved over the years with new features, modernization, and stability work.
January 2015: Version 1.0 – location detection based on the client IP address visible to the server during connection establishment.
July 2020: Version 2.0 – full rewrite for improved performance and reduced resource usage for Chrome, Firefox, and Microsoft Edge.
April 2021: Published the API specification to enable third-party integrations.
February 2024: Migrated to Manifest V3, including performance and security optimizations.
The complete change history is available at GitHub > Releases.
Backend & architecture
The primary data and lookup endpoint is dfdata.bella.network (formerly udfdata.unterhaltungsbox.com).
Starting with uDomainFlag 2.0, the server-side backend was migrated from PHP to Go. This significantly reduced CPU load and improved response times, optimizing the system for high request volumes.
The backend is intentionally designed to be stateless, enabling seamless deployments without service interruption.
Request flow, deployment & operations
Traffic flow: client → nginx (TLS termination) → HAProxy (Layer 7 health/response-time checks) → Go backend.
Releases are deployed automatically via GitLab CI and run under systemd. During deployments, HAProxy temporarily routes requests to a fallback instance (the previous version), enabling zero-downtime upgrades.
Browser clients implement a retry mechanism, so maintenance or server restarts typically result only in a short delay before the flag is displayed.
Resilience & observability
For disaster scenarios, a secondary standby server (reduced performance) is pre-provisioned and can take over via failover mechanisms (e.g., Cloudflare target switch / failover IP).
In addition, a Cloudflare-proxied fallback is available at udfdata.unterhaltungsbox.com. This has proven useful in real incidents such as ISP routing problems or content filtering.
Connectivity and stability are monitored via NEL (Network Error Logging), with reports delivered to a dedicated reporting backend.
Performance, availability, and resource utilization are monitored with checkmk including alerting.
With targeted query and lookup optimizations, the average API response time is ~50 ms (domain → IP resolution + geo lookup in MariaDB).
Details and backend changelog: dfdata.bella.network.
Health Sync In & Out
Available via:
HYNC.io
July 2023 - today
Languages and Technologies:
Go (Backend, Microservices)
HTML/CSS/JavaScript (Frontend)
PHP (Backend WebApp)
SQL (MariaDB)
RabbitMQ (Message Broker)
Redis (Caching)
S3 (Object Storage)
GitLab CI (Deployment)
Sentry (Error Tracking)
Project Description:
HYNC.io is an innovative platform for cross-platform synchronization of fitness and health data. The application allows users to consolidate their activity data from various sources such as Polar, Fitbit, Wahoo, Strava, and many others into a central dashboard.
Core Features:
Technical Innovation:
Building on my expertise with the Fitbit API (go-fitbit library) and insights from the Mr. Fitness Bot project, we are developing a scalable architecture at HYNC.io that efficiently integrates various fitness APIs. The platform solves the widespread problem of data silos in the fitness tracking space.
This fills the gap between existing fitness apps and enables seamless integration of all relevant data sources. At the same time, it provides a central solution for users who want to consolidate their fitness data in one place as well as the possibility for central data access for third-party apps and services.
Connection to Existing Projects:
HYNC.io represents the natural evolution of my previous fitness technology projects:
Market Positioning:
In a market where users often use multiple fitness apps and devices simultaneously, HYNC.io offers the unified solution for data consolidation and synchronization. The platform targets both fitness enthusiasts and casual athletes who want to manage their training data centrally.
Development Status:
The platform is currently in the development phase. Interested users can already sign up on the waiting list to gain early access and participate in the beta phase.
Individual features and data sources are already being integrated successively, with a focus on a stable and scalable architecture.
Vision:
The goal is to develop HYNC.io into the leading platform for fitness data synchronization, thereby unifying the fragmented ecosystem of fitness apps. The Austrian development focuses on data privacy and GDPR compliance.
HYNC.io is an innovative platform for cross-platform synchronization of fitness and health data. The application allows users to consolidate their activity data from various sources such as Polar, Fitbit, Wahoo, Strava, and many others into a central dashboard.
Core Features:
- Cross-Platform Synchronization: Automatic data transfer between different fitness platforms
- Central Dashboard: Clear display of all fitness activities in one place
- Community Features: Connect with friends, challenges, and local comparisons
- Smart Sync: Intelligent detection and avoidance of data duplicates
- Multi-Sport Support: Support for running, cycling, swimming, and other sports
- Data Privacy: GDPR-compliant storage and processing of user data
Technical Innovation:
Building on my expertise with the Fitbit API (go-fitbit library) and insights from the Mr. Fitness Bot project, we are developing a scalable architecture at HYNC.io that efficiently integrates various fitness APIs. The platform solves the widespread problem of data silos in the fitness tracking space.
This fills the gap between existing fitness apps and enables seamless integration of all relevant data sources. At the same time, it provides a central solution for users who want to consolidate their fitness data in one place as well as the possibility for central data access for third-party apps and services.
Connection to Existing Projects:
HYNC.io represents the natural evolution of my previous fitness technology projects:
- Extension of the go-fitbit library to include additional platforms
- Scaling of data processing concepts from Mr. Fitness Bot
- Integration of automation logic developed in pv-proxy and other projects
Market Positioning:
In a market where users often use multiple fitness apps and devices simultaneously, HYNC.io offers the unified solution for data consolidation and synchronization. The platform targets both fitness enthusiasts and casual athletes who want to manage their training data centrally.
Development Status:
The platform is currently in the development phase. Interested users can already sign up on the waiting list to gain early access and participate in the beta phase.
Individual features and data sources are already being integrated successively, with a focus on a stable and scalable architecture.
Vision:
The goal is to develop HYNC.io into the leading platform for fitness data synchronization, thereby unifying the fragmented ecosystem of fitness apps. The Austrian development focuses on data privacy and GDPR compliance.
thomas.bella.network
July 2015 - today
418 Commits
Automatic deployment
9k+ lines of code
Languages and Technologies:
HTML/CSS/JavaScript
PHP
Redis (Caching)
Sentry (Error Tracking)
GitLab CI (Deployment)
Various API interfaces
(pv-proxy, HYNC, Mapbox, Ollama, ...)
This website goes beyond a simple portfolio and shows not only my profile but also additional details.
This site is written in HTML, CSS, JavaScript and PHP without additional libraries (except FontAwesome). Static data is compressed, prepared and deployed to the target server using GitLab CI.
Technologies used
GitLab CI automates deployment and creates reproducible versions of this website.
Static resources such as .svg icons, CSS, JavaScript, fonts and other data are pre-compressed with gzip and brotli using GitLab CI. Using
Extensions such as OCSP, CSP, HSTS (Preload), Expect-CT, Referer-Policy, Permission-Policy etc. further enhance the security of the website and protect against manipulation.
0-RTT reduces the time required for a connection when retrieving data only. Efficient caching and prefetching reduce the loading time to well under one second.
By avoiding libraries and frameworks such as Smarty, jQuery, Bootstrap, Angular, React etc., no unused code needs to be included. This significantly increases processing speed and achieves a best value in Lighthouse.
Most dynamic data on this website is obtained from proxy.bella.network via HTTPS (AJAX & WebSocket). This domain resolves to a standalone server, which is connected via WireGuard VPN and BGP over my Multi-WAN home network to its own VLAN.
More on this in the next project "Homelab & Homeautomation".
Why is there no cookie banner on this site?
This site does not use cross-site tracking and does not set any identifiable persistent data, so no consent is required. A cookie is set upon successful login, with a corresponding notice displayed beforehand.
This site is written in HTML, CSS, JavaScript and PHP without additional libraries (except FontAwesome). Static data is compressed, prepared and deployed to the target server using GitLab CI.
Technologies used
GitLab CI automates deployment and creates reproducible versions of this website.
Static resources such as .svg icons, CSS, JavaScript, fonts and other data are pre-compressed with gzip and brotli using GitLab CI. Using
gzip_static/brotli_static, pre-compressed data is delivered in NGINX, reducing computational capacity and latency.Extensions such as OCSP, CSP, HSTS (Preload), Expect-CT, Referer-Policy, Permission-Policy etc. further enhance the security of the website and protect against manipulation.
0-RTT reduces the time required for a connection when retrieving data only. Efficient caching and prefetching reduce the loading time to well under one second.
By avoiding libraries and frameworks such as Smarty, jQuery, Bootstrap, Angular, React etc., no unused code needs to be included. This significantly increases processing speed and achieves a best value in Lighthouse.
Most dynamic data on this website is obtained from proxy.bella.network via HTTPS (AJAX & WebSocket). This domain resolves to a standalone server, which is connected via WireGuard VPN and BGP over my Multi-WAN home network to its own VLAN.
More on this in the next project "Homelab & Homeautomation".
Why is there no cookie banner on this site?
This site does not use cross-site tracking and does not set any identifiable persistent data, so no consent is required. A cookie is set upon successful login, with a corresponding notice displayed beforehand.
Subpage Homelab
8 Server
358+ TB Storage
286+ GB RAM
5x Raspberry Pi (Sensor Nodes)
15kWh Battery capacity
300/30 Mbps DSL
25+ BGP Routes
10+ VPN Tunnel
9 AccessPoints
60+ IoT Devices
50+ VMs/LXC Container
DualStack Internet:
static IPv4/32 & IPv6/60
My homelab has grown significantly over the years and I have already significantly reduced it in some places, among other things to save electricity costs.
An overview of my homelab is available at Homelab. There I also go into detail about the devices used.
Multiple VPN tunnels connect my local network to other local networks at different locations, using dynamic routing with BGP.
For (home) automation, I use a self-created program called pv-proxy written in Go, which I work on regularly and which already comprises over 10k lines of code:
This program is the main data processing and central of my automation. Among other things, the current power consumption and power production of the entire household are recorded every second. Based on this data and other sensor data, originating from my weather station, several DS18B20 temperature sensors, BME280 sensors, etc., various devices are automatically controlled.
For example, when there is overproduction, the heating element is activated to heat the hot water tank. The fan control of the servers is also automatically controlled, taking into account not only the ambient temperature and power capacity but also the weather forecast.
Since the program manages a lot of information and I am constantly expanding it, here is an excerpt of which data/devices are recorded/processed/etc.:
433MHz/868MHz recording with RTL-SDR, voltage monitoring, hot water control and monitoring, weather forecasts based on Zambretti, switching state monitoring IoT devices, temperature recording of several rooms, device control in case of power failure, control of garden irrigation system, further processing of Fitbit vital data (pulse, steps, calorie intake, ...), control of solar system, car location detection, Chromecast media control, VM autoscaling, room light control and monitoring, and much more.
An overview of my homelab is available at Homelab. There I also go into detail about the devices used.
Multiple VPN tunnels connect my local network to other local networks at different locations, using dynamic routing with BGP.
For (home) automation, I use a self-created program called pv-proxy written in Go, which I work on regularly and which already comprises over 10k lines of code:
This program is the main data processing and central of my automation. Among other things, the current power consumption and power production of the entire household are recorded every second. Based on this data and other sensor data, originating from my weather station, several DS18B20 temperature sensors, BME280 sensors, etc., various devices are automatically controlled.
For example, when there is overproduction, the heating element is activated to heat the hot water tank. The fan control of the servers is also automatically controlled, taking into account not only the ambient temperature and power capacity but also the weather forecast.
Since the program manages a lot of information and I am constantly expanding it, here is an excerpt of which data/devices are recorded/processed/etc.:
433MHz/868MHz recording with RTL-SDR, voltage monitoring, hot water control and monitoring, weather forecasts based on Zambretti, switching state monitoring IoT devices, temperature recording of several rooms, device control in case of power failure, control of garden irrigation system, further processing of Fitbit vital data (pulse, steps, calorie intake, ...), control of solar system, car location detection, Chromecast media control, VM autoscaling, room light control and monitoring, and much more.
PassBeyond Product - Closed Source (Release planned) - Go
A reverse proxy with built-in authentication via SAML (ADFS) and LDAP for cross-domain use. Secures resources behind *.bella.pm and other domains and transparently forwards requests only after successful login. Role-based access rights with the possibility of guest access. Local network access is automatically detected and released.
Mr. Fitness Bot Product - Closed Source - Go
Collection, processing and evaluation of activity data, running and strength training, physical and mental health, automatic and manual (measurement) data collection, water, calorie, dietary supplement and medicine tracking, etc. More information at https://bella.network/fitness-bot.
go-fitbit Library - Open Source on GitHub - Go
Library for using the Fitbit API to automatically retrieve and add data. Primarily, I needed the interface for another project (later with Mr. Fitness Bot), where I export my vital data from Fitbit to MySQL/InfluxDB for display in Grafana.
GoBouncerBot Product - Closed Source - Go
Telegram bot that monitors chat rooms and blocks new users from accessing chat functions. Access to the chat group is only allowed after solving a captcha. bouncer.bella.pm - @GoBouncerBot.
snigen Product - Closed Source - Go
Extension for DNS-based blocks. If a domain is blocked by a DNS filter, the DNS target address is rewritten to a special IP. Via HTTP/HTTPS, an appropriate error message is displayed with further information about the block. There is the possibility to release the blocked website again. With snigen, using an intermediate certificate from my internal CA, a temporary, valid certificate is issued via HTTPS during the call. This makes blocks user-friendly.
certdog.eu SaaS - Closed Source - Planning phase
Certificate monitoring for various services and domains with central management, validity check against publicly trusted certification authorities as well as private certification authorities, renewal reminder and issuance notification. Service is provided free of charge as well as for a fee.
maildog.eu SaaS - Closed Source - Initiation phase
Extension of certdog.eu with additional functions specifically for e-mail with blacklist detection, spam checks, counterpart for rspamd checks and DNS records checks.
Tasmota Deploy Automation - Closed Source - Bash + GitLab CI
Automatic creation of firmware images for IoT devices based on Tasmota. Allows individual configuration of images as well as automatic distribution and installation of the firmware on devices in the network.
uTeleBot Product - Open Source on GitLab - Go
Telegram bot that provides useful functions for system and network administrators. Also creates chat statistics in rooms where the bot is located. Reachable at @uTeleBot.
Example commands:
DDInstaller Product - Closed Source - Bash + Python + GitLab CI
An own Linux operating system based on Debian, which automatically installs and configures Windows (Server + Desktop) via PXE. Setup is automated with KVM and works on both hardware and virtual.
Certificate Monitor Product - Discontinued - Open Source on selfhosted GitLab - PHP
Certificate Monitor is a web interface with automatic SSL certificate verification. The current certificate is obtained and checked from a specified domain with IP address. Own CA can be stored. Evaluation of FTPS, SMTP/S, IMAP/S, POP3/S, RDP, IRC, LDAP/S, DNS-over-TLS, XMPP/S etc.
New development planned as a SaaS product. - See certdog.eu
More projects
More projects are available at GitLab and GitHub .
A reverse proxy with built-in authentication via SAML (ADFS) and LDAP for cross-domain use. Secures resources behind *.bella.pm and other domains and transparently forwards requests only after successful login. Role-based access rights with the possibility of guest access. Local network access is automatically detected and released.
Mr. Fitness Bot Product - Closed Source - Go
Collection, processing and evaluation of activity data, running and strength training, physical and mental health, automatic and manual (measurement) data collection, water, calorie, dietary supplement and medicine tracking, etc. More information at https://bella.network/fitness-bot.
go-fitbit Library - Open Source on GitHub - Go
Library for using the Fitbit API to automatically retrieve and add data. Primarily, I needed the interface for another project (later with Mr. Fitness Bot), where I export my vital data from Fitbit to MySQL/InfluxDB for display in Grafana.
GoBouncerBot Product - Closed Source - Go
Telegram bot that monitors chat rooms and blocks new users from accessing chat functions. Access to the chat group is only allowed after solving a captcha. bouncer.bella.pm - @GoBouncerBot.
snigen Product - Closed Source - Go
Extension for DNS-based blocks. If a domain is blocked by a DNS filter, the DNS target address is rewritten to a special IP. Via HTTP/HTTPS, an appropriate error message is displayed with further information about the block. There is the possibility to release the blocked website again. With snigen, using an intermediate certificate from my internal CA, a temporary, valid certificate is issued via HTTPS during the call. This makes blocks user-friendly.
certdog.eu SaaS - Closed Source - Planning phase
Certificate monitoring for various services and domains with central management, validity check against publicly trusted certification authorities as well as private certification authorities, renewal reminder and issuance notification. Service is provided free of charge as well as for a fee.
maildog.eu SaaS - Closed Source - Initiation phase
Extension of certdog.eu with additional functions specifically for e-mail with blacklist detection, spam checks, counterpart for rspamd checks and DNS records checks.
Tasmota Deploy Automation - Closed Source - Bash + GitLab CI
Automatic creation of firmware images for IoT devices based on Tasmota. Allows individual configuration of images as well as automatic distribution and installation of the firmware on devices in the network.
uTeleBot Product - Open Source on GitLab - Go
Telegram bot that provides useful functions for system and network administrators. Also creates chat statistics in rooms where the bot is located. Reachable at @uTeleBot.
Example commands:
/mac 00:20:91:00:BE:EF, /dns bella.pm MX, /sshscan bella.network.DDInstaller Product - Closed Source - Bash + Python + GitLab CI
An own Linux operating system based on Debian, which automatically installs and configures Windows (Server + Desktop) via PXE. Setup is automated with KVM and works on both hardware and virtual.
Certificate Monitor Product - Discontinued - Open Source on selfhosted GitLab - PHP
Certificate Monitor is a web interface with automatic SSL certificate verification. The current certificate is obtained and checked from a specified domain with IP address. Own CA can be stored. Evaluation of FTPS, SMTP/S, IMAP/S, POP3/S, RDP, IRC, LDAP/S, DNS-over-TLS, XMPP/S etc.
New development planned as a SaaS product. - See certdog.eu
More projects
More projects are available at GitLab and GitHub .