Korean ISPs use SNI-based DPI (not DNS hijacking) to block sites.
TCP DNS queries to ISP servers from Cloudflare Workers returned real IPs
even for blocked domains. Now uses Globalping eyeball probes (KT, LG U+)
to detect ECONNRESET on HTTPS — the signature of SNI-based blocking.
Verified: pornhub.com correctly detected as blocked by Korea Telecom.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
DNS lookup (DoH via Cloudflare/Google), Korean ISP block detection
(KT/LG/SK via TCP DNS), HTTP/HTTPS check, and TCP port test — all
run in parallel with per-check timeouts. Integrated as diagnose_domain
tool in troubleshoot-agent with updated patterns for network keywords.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Implement hybrid knowledge search using Cloudflare Vectorize + Workers AI
embeddings (bge-base-en-v1.5, 768d) merged with existing D1 LIKE queries,
with graceful degradation when Vectorize is unavailable. Add admin API
endpoints for batch/single article indexing.
Add 4 proactive notification cron jobs: server status changes, deposit
confirmation/rejection alerts, pending payment reminders (1h+), and bank
deposit matching notifications — all with DB-column-based deduplication.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
