Domain Inspector
A comprehensive domain intelligence server built on the Model Context Protocol. Gives AI assistants the ability to perform DNS lookups, WHOIS queries, SSL certificate checks, email security audits, tech stack detection, subdomain discovery, port scanning, and more — all through a single MCP connection.
Connection Setup
Add Domain Inspector to your MCP client by adding the following to your configuration file:
{
"mcpServers": {
"domain-inspector": {
"url": "https://mcpdns.onrender.com/mcp"
}
}
}
Once connected, your AI assistant will automatically have access to all 15 tools. Just ask it to analyze any domain.
Compatible Clients
Claude DesktopEdit claude_desktop_config.json
CursorSettings → MCP Servers
WindsurfSettings → MCP
VS CodeCopilot MCP extension
ClineMCP server settings
Any MCP ClientStreamable HTTP transport
Tools Reference
Each tool returns formatted text output with structured data, status indicators, and actionable insights. Below is the complete reference with real output examples generated from live queries.
domain_report
Get a complete domain intelligence report. Runs ALL checks at once: DNS, WHOIS, email
security, SSL, HTTP headers, tech stack detection, and domain age. This is the recommended starting tool —
it gives you everything in one call.
Parameters
domain string required
— Domain to analyze (e.g. google.com)
Example output — google.com
📊 COMPLETE DOMAIN REPORT: google.com ══════════════════════════════════════════════ 📡 DNS Records for google.com ✅ A Records: 142.250.180.206 ✅ AAAA Records: 2a00:1450:400d:80f::200e ✅ MX Records: Priority 10 → smtp.google.com ✅ TXT Records: (SPF, domain verifications) ✅ NS Records: ns1.google.com, ns2.google.com, ns3.google.com, ns4.google.com ══════════════════════════════════════════════ 🔍 WHOIS Lookup for google.com 📋 Registrar: MarkMonitor, Inc. 📅 Created: 1997-09-15 📅 Expires: 2028-09-13 (940 days remaining) 🟢 OK 📌 Status: clientUpdateProhibited ══════════════════════════════════════════════ 📧 Email Configuration Audit for google.com ✅ MX Records Found — Google Workspace ✅ SPF Record Found: v=spf1 include:_spf.google.com ~all ✅ DMARC Record Found: v=DMARC1; p=reject 🟢 Overall Email Security Grade: B (3/4) ══════════════════════════════════════════════ 🔒 SSL/TLS Certificate Check for google.com 🟢 Status: VALID Common Name: *.google.com Issuer: WR2 (Google Trust Services) Valid: 87 days remaining ══════════════════════════════════════════════ 🛡️ HTTP Security Headers Audit: google.com X-Frame-Options: SAMEORIGIN ✅ Overall Grade: D (1/6 critical headers) ══════════════════════════════════════════════ 🖥️ Tech Stack Detection: google.com Web Server: Google Web Server (GWS) ══════════════════════════════════════════════ 📅 Domain Age: google.com Age: 28 years, 5 months Created: September 15, 1997
dns_lookup
Look up DNS records for any domain. Supports A, AAAA, MX, TXT, NS, CNAME record
types, or ALL to fetch every type at once.
Parameters
domain string required
— Domain name to look up (e.g. example.com)
record_type enum optional
— A, AAAA, MX, TXT, NS, CNAME, or ALL (default: ALL)
Example output — google.com (ALL records)
✅ A Records: for google.com 172.217.17.78 ✅ AAAA Records: 2a00:1450:400d:80f::200e ✅ MX Records: Priority 10 → smtp.google.com ✅ TXT Records: docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e apple-domain-verification=30afIBcvSuDV2PLX facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95 google-site-verification=wD8N7i1JTNTkezJ49swvWW48f8_9xveRhCRH6wPENVo v=spf1 include:_spf.google.com ~all (and more...) ✅ NS Records: ns1.google.com ns2.google.com ns3.google.com ns4.google.com
whois_lookup
Get WHOIS registration data for a domain including registrar, creation date, expiry
date, days remaining, name servers, and registration status.
Parameters
domain string required
— Domain name to look up (e.g. example.com)
Example output — google.com
🔍 WHOIS Lookup for google.com 📋 Registrar: MarkMonitor, Inc. 📅 Created: 1997-09-15 📅 Expires: 2028-09-13 (940 days remaining) 🟢 OK 📅 Updated: 2024-08-02 📌 Status: clientUpdateProhibited 🌐 Name Servers: ns2.google.com ns1.google.com ns3.google.com ns4.google.com
domain_available
Check whether a domain is available for registration. If the domain is taken,
suggests alternative TLDs (.net, .org, .io, etc.) and checks their availability too.
Parameters
domain string required
— Domain name to check (e.g. mycoolapp.com)
Example output — coolstartup2025.com
🔍 Domain Availability Check for coolstartup2025.com ✅ coolstartup2025.com appears to be AVAILABLE for registration!
ssl_check
Check SSL/TLS certificate details for a domain: issuer, validity dates, days
remaining, protocol version, cipher suite, and SHA-256 fingerprint. Warns about expiring or invalid
certificates.
Parameters
domain string required
— Domain or hostname to check (e.g. example.com)
Example output — google.com
🔒 SSL/TLS Certificate Check for google.com
🟢 Status: VALID
📋 Certificate Details:
Common Name: *.google.com
Alt Names: *.google.com, *.appengine.google.com, *.cloud.google.com,
*.google.ca, *.google.co.uk, *.google.de, *.google.fr, ...
Issuer: WR2 (Google Trust Services)
Valid From: Jan 20, 2025
Valid Until: Apr 14, 2025
Days Remaining: 87 🟢
🔐 Connection:
Protocol: TLSv1.3
Cipher: TLS_AES_256_GCM_SHA384
🔑 Fingerprint (SHA-256):
AB:CD:12:34:... (truncated)
email_config_check
Audit email security configuration: MX records, SPF, DKIM (checks 7 common
selectors), and DMARC. Returns an overall letter grade A–F based on how many protections are in place.
Parameters
domain string required
— Domain name to audit (e.g. example.com)
Example output — google.com
📧 Email Configuration Audit for google.com ✅ MX Records Found (1): Priority 10 → smtp.google.com 📌 Detected provider: Google Workspace ✅ SPF Record Found: v=spf1 include:_spf.google.com ~all 🟡 Soft-fail policy (~all) — acceptable ❌ No DKIM Records found for common selectors (default, google, selector1, selector2, k1, dkim, mail) ⚠️ DKIM may use custom selectors not checked here ✅ DMARC Record Found: v=DMARC1; p=reject; rua=mailto:mailauth-reports@google.com 🟢 Policy: reject — strongest protection 🟢 Overall Email Security Grade: B (3/4)
http_headers_check
Audit HTTP security headers and give a letter grade A–F. Checks for HSTS, CSP,
X-Content-Type-Options, X-Frame-Options, Referrer-Policy, and Permissions-Policy. Provides specific
recommendations for missing headers.
Parameters
domain string required
— Domain or URL to check (e.g. example.com)
Example output — google.com
🛡️ HTTP Security Headers Audit: google.com CRITICAL HEADERS: ❌ Strict-Transport-Security: MISSING 💡 Add HSTS to enforce HTTPS connections ❌ Content-Security-Policy: MISSING 💡 Add CSP to prevent XSS and injection attacks ❌ X-Content-Type-Options: MISSING 💡 Add "nosniff" to prevent MIME-type sniffing ✅ X-Frame-Options: SAMEORIGIN IMPORTANT HEADERS: ❌ Referrer-Policy: MISSING ❌ Permissions-Policy: MISSING ✅ X-XSS-Protection: 0 ══════════════════════════════════════════════ 🟡 Overall Security Grade: D (1/6 critical headers present)
reverse_dns
Reverse DNS lookup — convert an IP address to its hostname(s), or resolve a domain to
IP first and then do reverse lookup. Includes forward-confirmation to verify PTR records match.
Parameters
target string required
— IP address or domain name (e.g. 8.8.8.8 or google.com)
Example output — google.com
🔄 Reverse DNS Lookup for google.com Resolving google.com to IP addresses first… Found 2 IP(s): 172.217.17.78, 2a00:1450:400d:806::200e ✅ 172.217.17.78 → lcbuda-ah-in-f14.1e100.net, ams16s30-in-f14.1e100.net 🟢 Forward-confirmed: lcbuda-ah-in-f14.1e100.net → 172.217.17.78 ✓ 🟢 Forward-confirmed: ams16s30-in-f14.1e100.net → 172.217.17.78 ✓ ✅ 2a00:1450:400d:806::200e → bud02s21-in-x0e.1e100.net 🟢 Forward-confirmed ✓
dns_propagation
Check if DNS has propagated by querying 8 public resolvers worldwide: Google
(8.8.8.8, 8.8.4.4), Cloudflare (1.1.1.1, 1.0.0.1), OpenDNS, Quad9, Comodo, and Verisign. Shows whether all
resolvers agree.
Parameters
domain string required
— Domain to check (e.g. example.com)
record_type string optional — Record type to check (default: A)Example output — google.com (A record)
🌍 DNS Propagation Check for google.com (A) Resolver │ Result │ Status ─────────────────────────────┼────────────────────────────────┼──────── Google (8.8.8.8) │ 172.217.22.238 │ ✅ Google Alt (8.8.4.4) │ 172.217.22.238 │ ✅ Cloudflare (1.1.1.1) │ 172.217.20.206 │ ✅ Cloudflare Alt (1.0.0.1) │ 142.250.180.206 │ ✅ OpenDNS (208.67.222.222) │ 142.250.74.206 │ ✅ Quad9 (9.9.9.9) │ 142.250.180.206 │ ✅ Comodo (8.26.56.26) │ 142.250.180.206 │ ✅ Verisign (64.6.64.6) │ 142.250.74.206 │ ✅ ✅ DNS is fully propagated (8/8 resolvers responding)
subdomain_finder
Discover common subdomains for a domain by checking ~80 common subdomain prefixes
(www, mail, api, cdn, dev, staging, etc.). Groups results by category and shows resolved IP addresses.
Parameters
domain string required
— Domain to scan for subdomains (e.g. example.com)
Example output — google.com (partial)
🔍 Subdomain Discovery: google.com Checking 80 common prefixes… ✅ Found 30+ subdomains: 🌐 Web: www.google.com → 142.250.180.196 m.google.com → 142.250.180.206 📧 Mail: mail.google.com → 142.250.180.197 smtp.google.com → 142.251.9.27 ☁️ Services: api.google.com → 142.250.180.206 cdn.google.com → 142.250.180.206 docs.google.com → 142.250.180.206 calendar.google.com → 142.250.180.206 chat.google.com → 142.250.180.206 📊 30/80 subdomains found
redirect_chain
Trace the full redirect chain for a URL. Shows every redirect hop with its HTTP
status code and Location header, plus the final destination. Useful for debugging redirect loops or
verifying HTTP→HTTPS upgrades.
Parameters
url string required — URL to trace (e.g. http://example.com)max_redirects number optional — Maximum redirects to follow (default: 10)Example output — http://google.com
🔀 Redirect Chain: http://google.com Hop 1: http://google.com → 301 Moved Permanently → Location: http://www.google.com/ Hop 2: http://www.google.com/ → 200 OK ✅ (Final Destination) ══════════════════════════════════════════════ Total Hops: 2 ℹ️ www redirect detected Final URL: http://www.google.com/ Total Time: 795ms ══════════════════════════════════════════════
tech_stack_detect
Detect the technology stack of a website by analyzing HTTP response headers and HTML
content. Identifies web servers, CDNs, frameworks, CMS platforms, CSS frameworks, analytics tools, live
chat widgets, and hosting providers.
Parameters
domain string required
— Domain to analyze (e.g. example.com)
Example output — google.com
🖥️ Tech Stack Detection: google.com 🖥️ Web Server: Google Web Server (GWS) 📋 Raw Headers: server: gws ══════════════════════════════════════════════
domain_age
Calculate the exact age of a domain and show its full registration timeline: creation
date, last update, current date, and expiry. Includes a visual progress bar showing how much of the
registration period has been used.
Parameters
domain string required
— Domain to check age of (e.g. example.com)
Example output — google.com
📅 Domain Age: google.com 📆 Registration Timeline: ├── 🟢 Created: September 15, 1997 ├── 🔄 Updated: August 2, 2024 ├── 📍 Current: February 16, 2026 └── 🔴 Expires: September 13, 2028 ⏱️ Age: 28 years, 5 months, 1 days 👴 Internet veteran! 📊 Domain Longevity: ████████████████████████████░░ 92% of registration used 2 years, 7 months until expiry ══════════════════════════════════════════════
dns_compare
Compare DNS records of two domains side by side. Useful for comparing infrastructure
setups, verifying DNS migration, or benchmarking against competitors. Shows A, AAAA, MX, NS, and TXT
records in a table format.
Parameters
domain1 string required
— First domain (e.g. google.com)
domain2 string required
— Second domain (e.g. bing.com)
Example output — google.com vs bing.com
🔄 DNS Comparison: google.com vs bing.com
Record Type │ google.com │ bing.com
─────────────┼────────────────────────────────┼───────────────────────
A │ 142.250.180.206 │ 150.171.28.10
│ │ 150.171.27.10
─────────────┼────────────────────────────────┼───────────────────────
AAAA │ 2a00:1450:400d:80f::200e │ 2620:1ec:33::10
│ │ 2620:1ec:33:1::10
─────────────┼────────────────────────────────┼───────────────────────
MX │ smtp.google.com (pri 10) │ bing-com.mail.protection
│ │ .outlook.com (pri 10)
─────────────┼────────────────────────────────┼───────────────────────
NS │ ns1-4.google.com │ ns1-4.msft.net
port_check
Check if network ports are open on a domain. By default scans 16 common ports (HTTP,
HTTPS, SSH, FTP, SMTP, DNS, IMAP, POP3, MySQL, PostgreSQL, etc.). You can also specify a custom list of
ports. Includes service identification and security insights.
Parameters
domain string required
— Domain or IP to scan (e.g. example.com)
ports string optional
— Comma-separated port numbers or "common" (default: common)
Example output — google.com (ports 80, 443)
🔌 Port Check: google.com Resolved to: 172.217.20.206 Port │ Service │ Status ────────┼───────────────┼─────────── 80 │ HTTP │ ✅ Open 443 │ HTTPS │ ✅ Open ══════════════════════════════════════════════ 📊 Results: 2 open, 0 closed out of 2 ports checked ⏱️ Scan completed in 0.0s ✅ Web services: HTTP and HTTPS are both open (good!) ══════════════════════════════════════════════
Prompt Templates
Domain Inspector includes 4 built-in prompt templates that orchestrate multiple tools for common workflows. Your AI assistant can use these directly.
domain-check
Run a full domain intelligence report with executive summary. Returns DNS, WHOIS,
email security, SSL, HTTP headers, tech stack, and domain age — then provides an overall health
assessment, urgent issues, and prioritized recommendations.
Parameters
domain string required
— Domain to analyze
security-audit
Perform a security audit by running ssl_check, http_headers_check,
email_config_check, and port_check in sequence. Summarizes findings with an overall security rating and
recommendations.
Parameters
domain string required
— Domain to audit
compare-domains
Compare two domains side by side using dns_compare, ssl_check, and
http_headers_check. Highlights key differences in DNS configuration, SSL certificates, and security
headers.
Parameters
domain1 string required
— First domain
domain2 string required
— Second domain
find-subdomains
Discover all subdomains using subdomain_finder and analyze what each one likely
serves (mail, API, CDN, etc.) based on its name and IP. Summarizes the domain's infrastructure footprint.
Parameters
domain string required
— Domain to scan
API Endpoints
Domain Inspector exposes the following HTTP endpoints:
POST /mcp
Main MCP JSON-RPC endpoint. Supports Streamable HTTP transport with session
management. Send an
initialize request to start a session, then use tools/call,
prompts/list, resources/list, etc.
GET /health
Health check endpoint. Returns JSON with server status, tool count, and version. Use
this for uptime monitoring.
Example response
{ "status": "ok", "tools": 15, "version": "2.0.0" }
GET /.well-known/mcp/server-card.json
Server metadata card following the MCP specification. Contains server name,
description, version, tool definitions, and configuration schema.
GET /icon.svg
Server icon in SVG format for use in MCP client UIs.
Frequently Asked Questions
What is Domain Inspector?
Domain Inspector is an MCP (Model Context Protocol) server that gives AI assistants the
ability to perform domain intelligence lookups. It provides 15 tools covering DNS records, WHOIS
registration data, SSL/TLS certificates, email security (SPF/DKIM/DMARC), HTTP security headers,
technology stack detection, subdomain discovery, port scanning, and more.
What is MCP?
The Model Context Protocol (MCP) is an open standard by Anthropic that allows AI
assistants to connect to external tools and data sources. It enables AI models to take actions and access
real-time information through a standardized JSON-RPC interface over HTTP. Think of it as a universal
plugin system for AI.
How do I connect?
Add the server URL (
https://mcpdns.onrender.com/mcp) to your MCP client's
configuration. Most clients (Claude Desktop, Cursor, Windsurf, VS Code) have a settings panel or JSON
config file where you can add MCP servers. Once connected, your AI assistant automatically gains access to
all 15 tools.What data sources does it use?
All data comes from public sources and standard network protocols: DNS queries via the
system resolver, public WHOIS registries, direct TLS connections for certificate inspection, HTTP response
headers, and HTML content analysis. No private databases, third-party APIs, or paid services are used.
Is it safe to use?
Yes. All tools are read-only and only query publicly available data. DNS lookups, WHOIS
queries, and SSL checks are standard operations that every web browser performs. Subdomain scanning checks
only ~80 common prefixes, and port checking uses conservative timeouts with a limited set of well-known
ports.
How fast are the responses?
Most individual tools respond in under 3 seconds. DNS lookups and SSL checks are
typically under 1 second. The full domain_report tool, which runs 7 checks in parallel, usually completes
in 3–8 seconds depending on the target domain. Subdomain scanning takes longer (10–20 seconds) as it
checks ~80 prefixes.
What are the rate limits?
There are currently no artificial rate limits on the server. However, the underlying DNS
and WHOIS protocols have their own natural rate limits. For responsible use, avoid running bulk scans of
hundreds of domains in rapid succession.
Can I use it for commercial purposes?
Yes, you can use Domain Inspector for commercial purposes including client audits,
security assessments, and competitive analysis. The data returned is from public sources and is not
proprietary.