Domain intel
Full domain security and SEO intelligence in one call: WHOIS, DNS, TLS cert, HTTP headers, tech stack, robots policy, and certificate transparency.
When to use this pack
Evaluating a domain for acquisition, investigating a phishing site, auditing a competitor's infrastructure, or preparing a security review — one call gives you the complete external footprint.
Tools in this pack
-
Domain WHOIS (RDAP)
$0.005
POST /api/whois
Domain registration data via RDAP (the structured WHOIS successor): registrar, creation/expiry dates, status, nameservers.
-
DNS lookup
$0.002
POST /api/dns-lookup
Resolve any DNS record type for a host: A, AAAA, MX, TXT, CNAME, NS, SOA, CAA, SRV, PTR. Returns the records plus a count. Built on Node's native resolver — no external API.
-
TLS certificate
$0.003
POST /api/tls-cert
Inspect the TLS certificate of any public host: subject, issuer, validity window, days remaining, SANs, and SHA-256 fingerprint.
-
HTTP headers + security analysis
$0.003
POST /api/http-headers
Fetch a URL and return every response header plus a security analysis: HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, COOP/CORP/COEP. Scores 0–100 by presence, flags weak HSTS, and warns on Server/X-Powered-By identity leaks. SSRF-protected.
-
Tech stack detection
$0.005
POST /api/tech-stack
Detect the technology stack of a public website: CDN, web server, language/runtime, frontend framework (Next.js, Nuxt, SvelteKit, Remix, Astro, React, Vue, Angular), CMS (WordPress, Drupal, Ghost, Shopify, Wix, Squarespace, Webflow), analytics (GA, GTM, PostHog, Mixpanel, Segment, Hotjar, Plausible, Fathom), and payments (Stripe, PayPal). Signature-based; no third-party API.
-
Robots.txt check
$0.002
POST /api/robots-check
Fetch a site's robots.txt and answer: may this user-agent crawl this path? Returns the matched rule and all declared sitemaps.
Workflow
- Pull WHOIS records — registrar, creation date, expiry, registrant (often privacy-shielded but the age alone is a signal).
- Resolve DNS A records to identify the hosting provider and detect CDN fronting.
- Inspect the live TLS certificate — issuer, expiry, SANs, and chain validity.
- Fetch HTTP response headers — security posture (HSTS, CSP, XFO), caching, and server fingerprint.
- Fingerprint the tech stack — CMS, framework, CDN, analytics, and third-party scripts.
- Check robots.txt for crawl directives — reveals hidden paths and bot policies.
Run it in Claude
claude mcp add agent402 -s user -- npx -y agent402-mcp@latest
Then paste this prompt into Claude:
Run a full domain intelligence report on stripe.com using Agent402's domain-intel skill pack: (1) WHOIS — age, registrar, expiry. (2) DNS A records — hosting/CDN. (3) TLS cert — issuer, expiry, SANs. (4) HTTP headers — security headers score. (5) Tech stack — frameworks, CDN, analytics. (6) robots.txt — hidden paths. Output a structured report with a risk summary.
← All skill packs