Initial commit - NUC server configuration and docs

- CLAUDE.md: Server instructions and service reference - docs/: Persistent documentation (architecture, guides) - .artifacts/: Session-generated notes - playwriter-browser/: Remote browser container config Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-01 20:49:20 +00:00
commit 390eda1595
25 changed files with 3664 additions and 0 deletions
--- a/docs/domain-check-guide.md
+++ b/docs/domain-check-guide.md
@@ -0,0 +1,301 @@
+# Domain Pre-Purchase Check Guide
+
+**Date:** 2026-02-01
+**Context:** After whymyrating.com was blocked by Spanish ISPs due to LaLiga's Cloudflare IP blocking, this guide documents how to check a domain before purchase to avoid similar issues.
+
+---
+
+## Quick Checklist
+
+- [ ] Domain not previously used for spam/malware
+- [ ] Not on any security blocklists
+- [ ] Hosting provider IPs not blocked in target countries
+- [ ] No trademark conflicts
+- [ ] Clean WHOIS history
+
+---
+
+## Step 1: Check Domain Availability & History
+
+### 1.1 Basic Availability
+```bash
+# WHOIS check
+whois <domain> | grep -iE "registrar|creation|status"
+
+# If "No match" = available and clean
+# If registered = check who owns it
+```
+
+### 1.2 Historical Usage (Archive.org)
+Check if domain was previously used (and for what):
+- **URL:** `https://web.archive.org/web/*/https://<domain>`
+- Look for: spam, adult content, piracy, gambling
+
+### 1.3 Expired Domain History
+- **ExpiredDomains.net:** `https://www.expireddomains.net/domain-name-search/?q=<domain>`
+- Check: Previous backlinks, spam score, previous usage
+
+---
+
+## Step 2: Security & Reputation Checks
+
+### 2.1 VirusTotal (Multi-vendor scan)
+```
+URL: https://www.virustotal.com/gui/domain/<domain>
+```
+- Check: Detection ratio (should be 0/90+)
+- Look for: Any vendor flagging as malicious
+
+### 2.2 Google Safe Browsing
+```
+URL: https://transparencyreport.google.com/safe-browsing/search?url=<domain>
+```
+- Status should be: "No unsafe content found"
+
+### 2.3 Sucuri SiteCheck
+```
+URL: https://sitecheck.sucuri.net/?scan=<domain>
+```
+- Check: Blacklist status, malware, spam flags
+- Should show: Clean across all vendors
+
+### 2.4 Other Reputation Services
+| Service | URL |
+|---------|-----|
+| MXToolbox | `https://mxtoolbox.com/blacklists.aspx` |
+| Spamhaus | `https://check.spamhaus.org/` |
+| SURBL | `http://www.surbl.org/surbl-analysis` |
+| PhishTank | `https://phishtank.org/` |
+| URLhaus | `https://urlhaus.abuse.ch/browse/` |
+
+---
+
+## Step 3: Regional Blocking Check (Critical for Spain)
+
+### 3.1 Spanish ISP LaLiga Blocks
+If targeting Spanish users, check if the hosting provider's IPs are blocked:
+
+**Live Block Monitor:**
+```
+URL: https://hayahora.futbol
+API: https://hayahora.futbol/estado/data.json
+```
+
+**Check specific IP:**
+```bash
+# Get your hosting provider's IPs
+dig +short <domain> A
+
+# Check if those IPs are in the block list
+curl -s "https://hayahora.futbol/estado/data.json" | \
+  python3 -c "
+import json, sys
+data = json.load(sys.stdin)
+ip = '<YOUR_IP>'  # Replace with actual IP
+for entry in data.get('data', []):
+    if entry.get('ip') == ip:
+        print(f\"ISP: {entry['isp']} | Blocked: {entry['stateChanges'][-1]['state']}\")
+"
+```
+
+### 3.2 Spanish ISPs That Block
+
+| ISP | Brands | Block Type |
+|-----|--------|------------|
+| **MásOrange** | Orange, Yoigo, Jazztel, Masmovil, Simyo, Pepephone, Lebara, Lyca, Llamaya, Euskaltel | IP-based |
+| **Movistar** | Movistar, O2 | IP-based |
+| **Vodafone** | Vodafone, Lowi | IP-based |
+| **DIGI** | DIGI | IP-based |
+
+**Blocking occurs:** During LaLiga matches (weekends, some weekdays)
+**Season:** August - May each year
+
+### 3.3 Global Accessibility Test
+```bash
+# Multi-location HTTP check
+curl -s "https://check-host.net/check-http?host=<domain>&max_nodes=10" \
+  -H "Accept: application/json"
+
+# Wait 5 seconds, then get results
+curl -s "https://check-host.net/check-result/<request_id>" \
+  -H "Accept: application/json"
+```
+
+### 3.4 Internet Censorship Check (China, Russia, Turkey)
+```
+URL: https://www.experte.com/internet-censorship
+```
+
+---
+
+## Step 4: Hosting Provider Risk Assessment
+
+### 4.1 High-Risk Providers for Spain
+These providers use shared IPs that get blocked by LaLiga:
+
+| Provider | Risk Level | Reason |
+|----------|------------|--------|
+| **Cloudflare (free)** | 🔴 HIGH | Shared IPs frequently blocked |
+| **Vercel** | 🔴 HIGH | Affected by same blocks |
+| **Netlify** | 🟡 MEDIUM | Some IP ranges blocked |
+| **GitHub Pages** | 🟡 MEDIUM | Occasionally affected |
+| **BunnyCDN** | 🟡 MEDIUM | Some blocks reported |
+
+### 4.2 Lower-Risk Options for Spain
+
+| Solution | Risk Level | Notes |
+|----------|------------|-------|
+| **Cloudflare Pro/Business** | 🟢 LOW | Dedicated IPs available |
+| **Dedicated VPS** | 🟢 LOW | Own IP, not shared |
+| **AWS CloudFront** | 🟢 LOW | Different IP ranges |
+| **Non-CDN hosting** | 🟢 LOW | Direct IP, no sharing |
+
+### 4.3 Check If Hosting IPs Are Clean
+```bash
+# Get hosting provider's IP range
+dig +short <cdn-domain> A
+
+# Check against Spanish block list
+curl -s "https://hayahora.futbol/estado/data.json" | \
+  grep -c "<IP_PREFIX>"
+# If count > 0, that IP range has been blocked before
+```
+
+---
+
+## Step 5: DNS & Email Reputation
+
+### 5.1 Check DNS Blacklists
+```bash
+# Using MXToolbox
+curl -s "https://mxtoolbox.com/api/v1/lookup/blacklist/<domain>"
+```
+
+### 5.2 Email Deliverability
+If you'll send emails from this domain:
+- Check if IP range is on Spamhaus
+- Verify no previous spam history
+- Set up SPF, DKIM, DMARC from day 1
+
+---
+
+## Step 6: Trademark & Legal Check
+
+### 6.1 Trademark Search
+- **USPTO:** `https://tmsearch.uspto.gov`
+- **EUIPO:** `https://euipo.europa.eu/eSearch/`
+- **WIPO Global:** `https://branddb.wipo.int`
+
+### 6.2 Domain Disputes History
+- Check UDRP decisions: `https://www.wipo.int/amc/en/domains/search/`
+
+---
+
+## Complete Pre-Purchase Script
+
+```bash
+#!/bin/bash
+DOMAIN="$1"
+
+echo "=== Domain Pre-Purchase Check: $DOMAIN ==="
+
+echo -e "\n[1/6] WHOIS Check"
+whois "$DOMAIN" 2>/dev/null | grep -iE "registrar|creation|status|No match" | head -5
+
+echo -e "\n[2/6] DNS Resolution"
+dig +short "$DOMAIN" A
+
+echo -e "\n[3/6] Security Check (Sucuri)"
+echo "Visit: https://sitecheck.sucuri.net/?scan=$DOMAIN"
+
+echo -e "\n[4/6] VirusTotal"
+echo "Visit: https://www.virustotal.com/gui/domain/$DOMAIN"
+
+echo -e "\n[5/6] Archive.org History"
+echo "Visit: https://web.archive.org/web/*/$DOMAIN"
+
+echo -e "\n[6/6] Spanish ISP Block Check"
+IP=$(dig +short "$DOMAIN" A | head -1)
+if [ -n "$IP" ]; then
+    echo "IP: $IP"
+    BLOCKED=$(curl -s "https://hayahora.futbol/estado/data.json" 2>/dev/null | grep -c "\"$IP\"")
+    if [ "$BLOCKED" -gt 0 ]; then
+        echo "⚠️  WARNING: This IP has been blocked by Spanish ISPs"
+    else
+        echo "✅ IP not in Spanish block list"
+    fi
+else
+    echo "No IP yet (domain not configured)"
+fi
+
+echo -e "\n=== Check Complete ==="
+```
+
+---
+
+## Red Flags to Avoid
+
+| Red Flag | Why It's Bad |
+|----------|--------------|
+| Previously used for spam | Email deliverability issues |
+| On any security blocklist | SEO penalties, browser warnings |
+| Hosting on shared Cloudflare IPs | Spanish ISP blocks |
+| Similar to trademarked name | Legal disputes |
+| Expired domain with backlinks from spam sites | Google penalties |
+| Previously used for piracy/gambling | Regulatory blocks |
+
+---
+
+## Recommended Workflow
+
+```
+1. Check availability (WHOIS)
+        ↓
+2. Check history (Archive.org)
+        ↓
+3. Security scan (VirusTotal, Sucuri)
+        ↓
+4. Check hosting provider's IPs against block lists
+        ↓
+5. If targeting Spain: Verify IPs not in LaLiga blocks
+        ↓
+6. Trademark search
+        ↓
+7. Purchase domain
+        ↓
+8. Set up on dedicated IP or low-risk CDN
+```
+
+---
+
+## Resources
+
+| Resource | URL | Purpose |
+|----------|-----|---------|
+| hayahora.futbol | https://hayahora.futbol | Spanish ISP block monitor |
+| VirusTotal | https://virustotal.com | Multi-vendor security scan |
+| Sucuri SiteCheck | https://sitecheck.sucuri.net | Website security check |
+| Archive.org | https://web.archive.org | Historical usage |
+| Check-Host | https://check-host.net | Multi-location accessibility |
+| EXPERTE | https://experte.com/internet-censorship | Censorship check |
+| MXToolbox | https://mxtoolbox.com | Email/DNS blacklists |
+
+---
+
+## Lessons from whymyrating.com
+
+**What happened:**
+- Domain registered Jan 30, 2026
+- Hosted on Cloudflare (free tier, shared IPs)
+- IPs 188.114.97.5 and 188.114.96.5 are in LaLiga block rotation
+- Blocked by Orange and Masmovil in Spain during matches
+
+**How to avoid:**
+1. Use dedicated IPs or non-Cloudflare CDN for Spanish audience
+2. Check hayahora.futbol before choosing hosting
+3. Consider Cloudflare Pro for dedicated IPs
+4. Have VPN/alternative access ready for Spanish users
+
+---
+
+**Related:** See CLAUDE.md > Domain Configuration Workflow for setup after purchase.