MCP endpoint

Endpoint

Install in your client

{
  "mcpServers": {
    "drwho.me": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote",
        "https://drwho.me/mcp/mcp"
      ]
    }
  }
}

Tools advertised (19)

• ip_lookup — Context lookup: Resolve an IPv4 or IPv6 address to its geolocation, ASN, org name, and city/country. Use when you need network or location context for a raw IP address; prefer dns_lookup or dossier_dns for hostname resolution. Queries ipinfo.io with a server-side token — the token is never exposed to callers. Returns a JSON object with fields ip, city, region, country, org, loc, and timezone. On failure, returns an error string describing what went wrong. (try in browser)
• dns_lookup — Context lookup: Resolve a single DNS record type (A, AAAA, MX, TXT, NS, CNAME, SOA, CAA, or SRV) and return the raw answers. Use for quick, targeted lookups of one record type; prefer dossier_dns for a full multi-type DNS audit in parallel, or dossier_full for a complete domain health check. Queries Cloudflare DoH (1.1.1.1/dns-query) over HTTPS, follows CNAME chains, 5 s timeout. Returns a JSON array of answer objects with name, type, and data fields. On error, returns a string describing the DNS failure. (try in browser)
• dossier_dns — Core dossier check: Fetch a domain's full DNS profile — A, AAAA, NS, SOA, CAA, and TXT records — all in parallel. Use as the first step of a domain audit or when you need a comprehensive DNS snapshot in one call; prefer dns_lookup for a single record type, or dossier_full for all 10 dossier checks at once. Fires six Cloudflare DoH (1.1.1.1) queries concurrently, each with a 5 s timeout. Returns a CheckResult discriminated union: on success, {status:"ok", records:{a, aaaa, ns, soa, caa, txt}}; on failure, {status:"error", reason}. (try in browser)
• dossier_mx — Core dossier check: Look up a domain's MX (mail exchanger) records and return them sorted ascending by priority. Use when verifying inbound-mail routing or as a precursor to SPF or DMARC checks; prefer dns_lookup with type=MX if you only need the raw DNS answer without the ranked view. Queries Cloudflare DoH (1.1.1.1), follows CNAME aliases, 5 s timeout. Returns a CheckResult discriminated union: on success, {status:"ok", records:[{exchange, priority},...]} sorted by priority; on failure, {status:"error", reason}. (try in browser)
• dossier_spf — Core dossier check: Retrieve and parse a domain's SPF record, decomposing it into mechanisms and qualifiers. Use to verify email sender policy, debug delivery failures, or check the 10-lookup limit; pair with dossier_dmarc for full email-auth coverage, or use dns_lookup with type=TXT for the raw record only. Fetches TXT records via Cloudflare DoH (1.1.1.1), 5 s timeout, locates the v=spf1 record and parses all mechanisms. Returns a CheckResult: on success, {status:"ok", raw, mechanisms:[{type, value, qualifier},...], lookupCount}; on failure, {status:"error", reason}. (try in browser)
• dossier_dmarc — Core dossier check: Retrieve and parse a domain's DMARC policy from its _dmarc.<domain> TXT record, returning all tags. Use to audit email authentication policy, verify the p (policy) and rua (reporting) settings, or confirm alignment mode; pair with dossier_spf and dossier_dkim for complete email-auth coverage. Queries _dmarc.<domain> via Cloudflare DoH (1.1.1.1), 5 s timeout; parses each tag=value pair. Returns a CheckResult: on success, {status:"ok", raw, tags:{p, rua, ruf, adkim, aspf,...}}; on failure, {status:"error", reason}. (try in browser)
• dossier_dkim — Core dossier check: Probe a domain's DKIM public keys by querying <selector>._domainkey.<domain> for each selector. Use to verify signing configuration or discover active selectors; supply selectors when you know the ESP's selector, or omit to probe six common selectors (default, google, k1, selector1, selector2, mxvault). Issues parallel Cloudflare DoH (1.1.1.1) TXT queries per selector, 5 s timeout each. Returns a CheckResult: {status:"ok", found:[{selector, publicKey, raw},...], notFound:[...]} or {status:"error", reason}. (try in browser)
• dossier_tls — Core dossier check: Fetch and inspect the TLS certificate presented by a domain on port 443, returning chain details and validity period. Use to verify certificate expiry, issuer, Subject Alternative Names, or detect mismatched or self-signed certs; not a full cipher-suite scanner. Performs a TLS handshake from the server edge, 5 s timeout; extracts the leaf certificate. Returns a CheckResult: on success, {status:"ok", subject, issuer, validFrom, validTo, daysRemaining, sans, fingerprint}; on failure, {status:"error", reason}. (try in browser)
• dossier_redirects — Core dossier check: Trace the full HTTP redirect chain starting from https://<domain>/, recording each hop's status code and destination URL. Use to debug redirect loops, verify HTTP→HTTPS upgrades, or audit link shorteners; stops at 10 hops to prevent infinite loops. Follows Location headers with fetch (no auto-redirect), 5 s per hop. Returns a CheckResult: on success, {status:"ok", hops:[{url, statusCode, redirectsTo},...], final}; on failure, {status:"error", reason}. (try in browser)
• dossier_headers — Core dossier check: Fetch https://<domain>/ and return all HTTP response headers, with an audit highlighting missing or misconfigured security headers. Use to review CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy; for redirect tracing use dossier_redirects instead. Single GET via fetch, 5 s timeout, captures raw response headers before any redirect is followed. Returns a CheckResult: on success, {status:"ok", headers:{...}, securityAudit:[{header, present, value},...]}; on failure, {status:"error", reason}. (try in browser)
• dossier_cors — Core dossier check: Send a CORS preflight OPTIONS request to https://<domain>/ and return the access-control-* response headers. Use to verify CORS policy for a specific origin-method pair, or to check whether a domain allows cross-origin requests; provide origin and method to simulate a precise preflight, or omit to use defaults (origin: https://drwho.me, method: GET). Single OPTIONS request via fetch, 5 s timeout. Returns a CheckResult: on success, {status:"ok", headers:{access-control-allow-origin,...}}; on failure, {status:"error", reason}. (try in browser)
• dossier_web_surface — Core dossier check: Snapshot a domain's public web surface: robots.txt, sitemap.xml, and the home-page <head> metadata (title, description, OpenGraph, Twitter cards). Use for SEO audits, content discovery, or verifying metadata before sharing; for HTTP headers use dossier_headers, for redirect behavior use dossier_redirects. Fetches /, /robots.txt, and /sitemap.xml concurrently via HTTPS, 5 s each; parses <head> with a lightweight HTML parser. Returns a composite CheckResult: {status:"ok", meta:{title, description, og, twitter}, robots, sitemapPresent} or {status:"error", reason}. (try in browser)
• user_agent_parse — Context lookup: Parse a User-Agent header string into structured browser, OS, device type, and rendering-engine components. Use to identify client capabilities from a raw UA string, e.g. when analysing server logs or request headers; does not perform any network lookups — entirely local parsing. Runs synchronously using the ua-parser-js library with no external calls. Returns a JSON object with browser.name, browser.version, os.name, os.version, device.type, device.vendor, and engine.name fields; unknown fields are empty strings. (try in browser)
• dossier_dnssec — Core dossier check: Verify DNSSEC chain-of-trust for a domain (DS, DNSKEY, AD flag). Use to confirm the zone is signed and resolvers accept the chain; prefer dossier_dns for raw record types or dossier_full for the complete audit. Fires Cloudflare DoH DS and DNSKEY queries with DO=1; 8s timeout. Returns a CheckResult discriminated union with { dnssecEnabled, adFlag, ds[], dnskey[] } on success. (try in browser)
• dossier_mta_sts — Core dossier check: Fetch and validate a domain's MTA-STS policy (mode, mx, max_age, policy id). Use to confirm inbound SMTP is locked to TLS for this domain. Resolves the _mta-sts TXT record, then fetches the policy from mta-sts.<domain>/.well-known/mta-sts.txt; 10s timeout. Returns a CheckResult; not_applicable when no MTA-STS TXT is published. (try in browser)
• dossier_tlsrpt — Core dossier check: Look up a domain's TLS-RPT (SMTP TLS Reporting) policy. Use to confirm the domain receives reports of SMTP-TLS failures. Resolves _smtp._tls.<domain> TXT via Cloudflare DoH; 5s timeout. Returns a CheckResult; not_applicable when no record is published. (try in browser)
• dossier_whois — Core dossier check: Look up the registrar, creation date, expiry date, and registry statuses for a domain. Use for ownership/expiry audit. Queries WHOIS over TCP/43 via the `whoiser` library; 15s timeout. Returns a CheckResult; not_applicable when the registry refuses or redacts the query (common on cloud IPs). (try in browser)
• dossier_ct_log — Core dossier check: Discover subdomains visible in Certificate Transparency logs. Use for attack-surface mapping; prefer dossier_full when running a complete audit. Queries crt.sh first, falls back to certspotter; capped at 100 unique subdomains; 10s timeout. Returns a CheckResult with { subdomains[], wildcards[], certCount, source }. (try in browser)
• dossier_full — Aggregate dossier check: Run all 10 Domain Dossier checks — dns, mx, spf, dmarc, dkim, tls, redirects, headers, cors, web-surface — in parallel and return all results in a single response. Use when you need a comprehensive domain health snapshot in one call; counts as ONE paywall call regardless of how many checks run. For a single focused check, prefer the individual dossier_* tools to minimise latency. Fires all 10 checks concurrently via Cloudflare DoH or direct HTTPS, 5 s per-check timeout. Returns a JSON object keyed by check id (dns, mx, etc.), each value a CheckResult discriminated union ({status:"ok",...} or {status:"error", reason}).