# drwho.me

> domain hygiene checks plus a remote MCP endpoint. ten Domain Dossier checks (DNS, MX, SPF, DMARC, DKIM, TLS, redirects, security headers, CORS, web surface) plus context lookups for DNS, IP, and user-agent. all callable over http (web) or mcp (claude desktop, cursor, windsurf, chatgpt connectors). open, no signup, no logs.

## tools

- [user agent](https://drwho.me/tools/user-agent): parse your browser's user agent string (browser, os, device, engine).
- [what is my ip](https://drwho.me/tools/ip): your public ip address, location, and timezone.
- [http headers](https://drwho.me/tools/headers): inspect the http request headers your browser sends.
- [ip lookup](https://drwho.me/tools/ip-lookup): look up any IP's geolocation, ASN, and ISP (via ipinfo.io).
- [dns lookup](https://drwho.me/tools/dns): resolve A, AAAA, MX, TXT, NS, or CNAME records via Cloudflare DoH.
- [dns records lookup](https://drwho.me/tools/dns-records-lookup): resolve A, AAAA, NS, SOA, CAA, and TXT records for a domain in one go.
- [mx lookup](https://drwho.me/tools/mx-lookup): list the mail exchangers (MX records) a domain advertises, sorted by priority.
- [spf checker](https://drwho.me/tools/spf-checker): find and parse a domain's SPF (sender policy framework) record.
- [dmarc checker](https://drwho.me/tools/dmarc-checker): find and parse a domain's DMARC policy record at _dmarc.<domain>.
- [dkim lookup](https://drwho.me/tools/dkim-lookup): probe common DKIM selectors (default, google, k1, selector1/2, mxvault) for a domain.
- [tls certificate checker](https://drwho.me/tools/tls-certificate-checker): inspect a domain's TLS certificate: subject, issuer, validity, SANs, fingerprint.
- [redirect checker](https://drwho.me/tools/redirect-checker): trace the HTTP(S) redirect chain from https://<domain>/ up to 10 hops.
- [security headers checker](https://drwho.me/tools/security-headers-checker): inspect the response headers served at https://<domain>/ — HSTS, CSP, X-Frame-Options, etc.
- [cors checker](https://drwho.me/tools/cors-checker): run a CORS preflight (OPTIONS) against a domain and surface the access-control-* response headers.
- [web surface inspector](https://drwho.me/tools/web-surface-inspector): fetch robots.txt, sitemap.xml, and the home page's <head> to summarise a domain's public-web surface.
- [dnssec checker](https://drwho.me/tools/dnssec-checker): verify DNSSEC chain-of-trust (DS, DNSKEY, and AD flag) for a domain.
- [mta-sts checker](https://drwho.me/tools/mta-sts-checker): fetch and validate a domain's MTA-STS policy (mode, mx, max_age).
- [tls-rpt checker](https://drwho.me/tools/tlsrpt-checker): look up a domain's TLS-RPT (SMTP TLS Reporting) policy.
- [whois lookup](https://drwho.me/tools/whois-lookup): registrar, creation date, expiry date, and registry statuses for a domain.
- [ct-log lookup](https://drwho.me/tools/ct-log-lookup): discover subdomains via Certificate Transparency logs (crt.sh / certspotter).

## mcp

- [endpoint](https://drwho.me/mcp/mcp): streamable http transport for ai clients
- [landing page](https://drwho.me/mcp): setup instructions and tool list
- [server.json](https://drwho.me/server.json): mcp server manifest

## site

- [home](https://drwho.me/): browsable tool grid
- [blog](https://drwho.me/blog): technical notes on the tools and mcp
- [about](https://drwho.me/about): maintainer and mission
- [privacy](https://drwho.me/privacy): privacy policy (cookieless analytics, no accounts)