Brand protection
Is this domain legitimate? WHOIS age, DNS resolution, scam/phishing search results, and HTTP headers for a quick trust assessment.
When to use this pack
Evaluating a suspicious domain — checking registration age, hosting, web mentions, and security posture.
Tools in this pack
-
Domain WHOIS (RDAP)
$0.005
POST /api/whois
Domain registration data via RDAP (the structured WHOIS successor): registrar, creation/expiry dates, status, nameservers.
-
DNS lookup
$0.002
POST /api/dns-lookup
Resolve any DNS record type for a host: A, AAAA, MX, TXT, CNAME, NS, SOA, CAA, SRV, PTR. Returns the records plus a count. Built on Node's native resolver — no external API.
-
Web search
$0.02
GET /api/search
Live web search: ranked results (title, URL, snippet, age) from an independent search index as clean JSON — fresh pages your model's training cutoff has never seen. Optional freshness filter (pd/pw/pm/py = past day/week/month/year).
-
HTTP headers + security analysis
$0.003
POST /api/http-headers
Fetch a URL and return every response header plus a security analysis: HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, COOP/CORP/COEP. Scores 0–100 by presence, flags weak HSTS, and warns on Server/X-Powered-By identity leaks. SSRF-protected.
Workflow
- Pull WHOIS for domain age, registrar, and registrant — very young domains are suspect.
- Resolve DNS A records to identify hosting and detect parking pages.
- Search for scam/phishing reports mentioning this domain.
- Fetch HTTP headers for security posture and server fingerprint.
Run it in Claude
claude mcp add agent402 -s user -- npx -y agent402-mcp@latest
Then paste this prompt into Claude:
Investigate whether stripe.com is legitimate using Agent402's brand-protection skill pack. Get (1) WHOIS — age and registrar, (2) DNS A records, (3) search for scam/phishing reports, (4) HTTP headers. Rate the domain's trustworthiness.
← All skill packs