alezmad/nuc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
nuc/docs/domain-check-guide.md
Alejandro Gutiérrez 390eda1595 Initial commit - NUC server configuration and docs 
- CLAUDE.md: Server instructions and service reference
- docs/: Persistent documentation (architecture, guides)
- .artifacts/: Session-generated notes
- playwriter-browser/: Remote browser container config

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-01 20:49:20 +00:00

302 lines
8.2 KiB
Markdown
Raw Permalink Blame History

# Domain Pre-Purchase Check Guide
**Date:** 2026-02-01
**Context:** After whymyrating.com was blocked by Spanish ISPs due to LaLiga's Cloudflare IP blocking, this guide documents how to check a domain before purchase to avoid similar issues.
---
## Quick Checklist
- [ ] Domain not previously used for spam/malware
- [ ] Not on any security blocklists
- [ ] Hosting provider IPs not blocked in target countries
- [ ] No trademark conflicts
- [ ] Clean WHOIS history
---
## Step 1: Check Domain Availability & History
### 1.1 Basic Availability
```bash
# WHOIS check
whois <domain> | grep -iE "registrar|creation|status"
# If "No match" = available and clean
# If registered = check who owns it
```
### 1.2 Historical Usage (Archive.org)
Check if domain was previously used (and for what):
- **URL:** `https://web.archive.org/web/*/https://<domain>`
- Look for: spam, adult content, piracy, gambling
### 1.3 Expired Domain History
- **ExpiredDomains.net:** `https://www.expireddomains.net/domain-name-search/?q=<domain>`
- Check: Previous backlinks, spam score, previous usage
---
## Step 2: Security & Reputation Checks
### 2.1 VirusTotal (Multi-vendor scan)
```
URL: https://www.virustotal.com/gui/domain/<domain>
```
- Check: Detection ratio (should be 0/90+)
- Look for: Any vendor flagging as malicious
### 2.2 Google Safe Browsing
```
URL: https://transparencyreport.google.com/safe-browsing/search?url=<domain>
```
- Status should be: "No unsafe content found"
### 2.3 Sucuri SiteCheck
```
URL: https://sitecheck.sucuri.net/?scan=<domain>
```
- Check: Blacklist status, malware, spam flags
- Should show: Clean across all vendors
### 2.4 Other Reputation Services
| Service | URL |
|---------|-----|
| MXToolbox | `https://mxtoolbox.com/blacklists.aspx` |
| Spamhaus | `https://check.spamhaus.org/` |
| SURBL | `http://www.surbl.org/surbl-analysis` |
| PhishTank | `https://phishtank.org/` |
| URLhaus | `https://urlhaus.abuse.ch/browse/` |
---
## Step 3: Regional Blocking Check (Critical for Spain)
### 3.1 Spanish ISP LaLiga Blocks
If targeting Spanish users, check if the hosting provider's IPs are blocked:
**Live Block Monitor:**
```
URL: https://hayahora.futbol
API: https://hayahora.futbol/estado/data.json
```
**Check specific IP:**
```bash
# Get your hosting provider's IPs
dig +short <domain> A
# Check if those IPs are in the block list
curl -s "https://hayahora.futbol/estado/data.json" | \
python3 -c "
import json, sys
data = json.load(sys.stdin)
ip = '<YOUR_IP>' # Replace with actual IP
for entry in data.get('data', []):
if entry.get('ip') == ip:
print(f\"ISP: {entry['isp']} | Blocked: {entry['stateChanges'][-1]['state']}\")
"
```
### 3.2 Spanish ISPs That Block
| ISP | Brands | Block Type |
|-----|--------|------------|
| **MásOrange** | Orange, Yoigo, Jazztel, Masmovil, Simyo, Pepephone, Lebara, Lyca, Llamaya, Euskaltel | IP-based |
| **Movistar** | Movistar, O2 | IP-based |
| **Vodafone** | Vodafone, Lowi | IP-based |
| **DIGI** | DIGI | IP-based |
**Blocking occurs:** During LaLiga matches (weekends, some weekdays)
**Season:** August - May each year
### 3.3 Global Accessibility Test
```bash
# Multi-location HTTP check
curl -s "https://check-host.net/check-http?host=<domain>&max_nodes=10" \
-H "Accept: application/json"
# Wait 5 seconds, then get results
curl -s "https://check-host.net/check-result/<request_id>" \
-H "Accept: application/json"
```
### 3.4 Internet Censorship Check (China, Russia, Turkey)
```
URL: https://www.experte.com/internet-censorship
```
---
## Step 4: Hosting Provider Risk Assessment
### 4.1 High-Risk Providers for Spain
These providers use shared IPs that get blocked by LaLiga:
| Provider | Risk Level | Reason |
|----------|------------|--------|
| **Cloudflare (free)** | 🔴 HIGH | Shared IPs frequently blocked |
| **Vercel** | 🔴 HIGH | Affected by same blocks |
| **Netlify** | 🟡 MEDIUM | Some IP ranges blocked |
| **GitHub Pages** | 🟡 MEDIUM | Occasionally affected |
| **BunnyCDN** | 🟡 MEDIUM | Some blocks reported |
### 4.2 Lower-Risk Options for Spain
| Solution | Risk Level | Notes |
|----------|------------|-------|
| **Cloudflare Pro/Business** | 🟢 LOW | Dedicated IPs available |
| **Dedicated VPS** | 🟢 LOW | Own IP, not shared |
| **AWS CloudFront** | 🟢 LOW | Different IP ranges |
| **Non-CDN hosting** | 🟢 LOW | Direct IP, no sharing |
### 4.3 Check If Hosting IPs Are Clean
```bash
# Get hosting provider's IP range
dig +short <cdn-domain> A
# Check against Spanish block list
curl -s "https://hayahora.futbol/estado/data.json" | \
grep -c "<IP_PREFIX>"
# If count > 0, that IP range has been blocked before
```
---
## Step 5: DNS & Email Reputation
### 5.1 Check DNS Blacklists
```bash
# Using MXToolbox
curl -s "https://mxtoolbox.com/api/v1/lookup/blacklist/<domain>"
```
### 5.2 Email Deliverability
If you'll send emails from this domain:
- Check if IP range is on Spamhaus
- Verify no previous spam history
- Set up SPF, DKIM, DMARC from day 1
---
## Step 6: Trademark & Legal Check
### 6.1 Trademark Search
- **USPTO:** `https://tmsearch.uspto.gov`
- **EUIPO:** `https://euipo.europa.eu/eSearch/`
- **WIPO Global:** `https://branddb.wipo.int`
### 6.2 Domain Disputes History
- Check UDRP decisions: `https://www.wipo.int/amc/en/domains/search/`
---
## Complete Pre-Purchase Script
```bash
#!/bin/bash
DOMAIN="$1"
echo "=== Domain Pre-Purchase Check: $DOMAIN ==="
echo -e "\n[1/6] WHOIS Check"
whois "$DOMAIN" 2>/dev/null | grep -iE "registrar|creation|status|No match" | head -5
echo -e "\n[2/6] DNS Resolution"
dig +short "$DOMAIN" A
echo -e "\n[3/6] Security Check (Sucuri)"
echo "Visit: https://sitecheck.sucuri.net/?scan=$DOMAIN"
echo -e "\n[4/6] VirusTotal"
echo "Visit: https://www.virustotal.com/gui/domain/$DOMAIN"
echo -e "\n[5/6] Archive.org History"
echo "Visit: https://web.archive.org/web/*/$DOMAIN"
echo -e "\n[6/6] Spanish ISP Block Check"
IP=$(dig +short "$DOMAIN" A | head -1)
if [ -n "$IP" ]; then
echo "IP: $IP"
BLOCKED=$(curl -s "https://hayahora.futbol/estado/data.json" 2>/dev/null | grep -c "\"$IP\"")
if [ "$BLOCKED" -gt 0 ]; then
echo "⚠️ WARNING: This IP has been blocked by Spanish ISPs"
else
echo "✅ IP not in Spanish block list"
fi
else
echo "No IP yet (domain not configured)"
fi
echo -e "\n=== Check Complete ==="
```
---
## Red Flags to Avoid
| Red Flag | Why It's Bad |
|----------|--------------|
| Previously used for spam | Email deliverability issues |
| On any security blocklist | SEO penalties, browser warnings |
| Hosting on shared Cloudflare IPs | Spanish ISP blocks |
| Similar to trademarked name | Legal disputes |
| Expired domain with backlinks from spam sites | Google penalties |
| Previously used for piracy/gambling | Regulatory blocks |
---
## Recommended Workflow
```
1. Check availability (WHOIS)
2. Check history (Archive.org)
3. Security scan (VirusTotal, Sucuri)
4. Check hosting provider's IPs against block lists
5. If targeting Spain: Verify IPs not in LaLiga blocks
6. Trademark search
7. Purchase domain
8. Set up on dedicated IP or low-risk CDN
```
---
## Resources
| Resource | URL | Purpose |
|----------|-----|---------|
| hayahora.futbol | https://hayahora.futbol | Spanish ISP block monitor |
| VirusTotal | https://virustotal.com | Multi-vendor security scan |
| Sucuri SiteCheck | https://sitecheck.sucuri.net | Website security check |
| Archive.org | https://web.archive.org | Historical usage |
| Check-Host | https://check-host.net | Multi-location accessibility |
| EXPERTE | https://experte.com/internet-censorship | Censorship check |
| MXToolbox | https://mxtoolbox.com | Email/DNS blacklists |
---
## Lessons from whymyrating.com
**What happened:**
- Domain registered Jan 30, 2026
- Hosted on Cloudflare (free tier, shared IPs)
- IPs 188.114.97.5 and 188.114.96.5 are in LaLiga block rotation
- Blocked by Orange and Masmovil in Spain during matches
**How to avoid:**
1. Use dedicated IPs or non-Cloudflare CDN for Spanish audience
2. Check hayahora.futbol before choosing hosting
3. Consider Cloudflare Pro for dedicated IPs
4. Have VPN/alternative access ready for Spanish users
---
**Related:** See CLAUDE.md > Domain Configuration Workflow for setup after purchase.
Reference in New Issue View Git Blame Copy Permalink