commit b3b02c7db47df50e197d14c53b58d347d2036ed5 Author: Blake Ridgway Date: Sat Mar 21 17:59:35 2026 -0500 Initial commit diff --git a/README.md b/README.md new file mode 100644 index 0000000..76003d8 --- /dev/null +++ b/README.md @@ -0,0 +1,33 @@ +# arcline-check + +CLI tool that checks whether a domain is genuinely self-hosted or routing through a CDN or cloud provider (Cloudflare, Fastly, AWS CloudFront, etc.). + +Core to the Arcline brand — useful as a standalone tool for anyone who wants to verify a host's transparency claims. + +## Status + +Planned. Not yet started. + +## Stack + +- Go — single static binary +- Targets: linux/amd64, darwin/arm64, windows/amd64 +- No runtime dependencies + +## Usage + +```sh +arcline-check example.com +arcline-check example.com --json +arcline-check example.com --watch 30 +``` + +## How it works + +1. Resolves domain to IP +2. PTR/rDNS lookup +3. ASN/org lookup (ip-api.com or self-hosted fallback) +4. Checks IP against known CDN/cloud CIDR ranges +5. Fetches HTTP headers and inspects for CDN fingerprints (CF-Ray, X-Served-By, Via, X-Cache) + +See [todo.md](todo.md) for the full task list and output format spec. diff --git a/todo.md b/todo.md new file mode 100644 index 0000000..8cb8f87 --- /dev/null +++ b/todo.md @@ -0,0 +1,53 @@ +# arcline-check — CDN / Transparency Auditor + +Checks whether a domain is truly self-hosted or routing through a CDN/cloud +provider (Cloudflare, Fastly, AWS CloudFront, etc.). Core to the Arcline brand. + +## Stack +- Language: Go +- Distribution: single static binary (linux/amd64, darwin/arm64, windows/amd64) +- No runtime dependencies + +## Features +- [ ] Resolve domain → IP +- [ ] Reverse DNS lookup (PTR record) +- [ ] ASN / org lookup via ip-api.com or ipinfo.io (self-hosted fallback) +- [ ] Detect known CDN/cloud CIDR ranges (Cloudflare, Fastly, AWS, GCP, Azure) +- [ ] HTTP header inspection (CF-Ray, X-Served-By, Via, Server, X-Cache) +- [ ] Output: clean terminal report (color-coded pass/fail) +- [ ] Output: --json flag for scripting +- [ ] --watch flag: re-check every N seconds (useful during DNS migration) + +## CLI interface +``` +arcline-check example.com +arcline-check example.com --json +arcline-check example.com --watch 30 +``` + +## Output format +``` +$ arcline-check example.com + + domain example.com + resolved 203.0.113.42 + rdns server1.arclineit.com + asn AS64496 Example ISP + org Example ISP LLC + + [OK] not behind a known CDN + [OK] no Cloudflare headers detected + [OK] IP not in AWS/GCP/Azure ranges +``` + +## Tasks +- [ ] Project scaffold (go mod init, cmd/, internal/) +- [ ] DNS resolution + PTR lookup +- [ ] ASN lookup (HTTP call to free API, cache result) +- [ ] CDN CIDR list (embed JSON, update via Makefile) +- [ ] HTTP header fetch + CDN header detection +- [ ] Report renderer (color terminal + JSON) +- [ ] --watch mode +- [ ] Cross-compile Makefile targets +- [ ] README with usage examples +- [ ] GitLab CI: build + release binaries on tag