WhoisJSON is now available as an MCP server — use WHOIS & DNS in Claude, Cursor, and Windsurf

The problem with domain research in AI workflows

Most developers, security engineers, and domain investors now spend a significant portion of their working day inside an AI assistant. Claude answers architecture questions. Cursor writes the code. Windsurf navigates the codebase. The workflow is fast — until it isn't. The moment a task requires real-world data that the AI doesn't have access to, the session breaks. You copy a domain name, open a browser tab, run a WHOIS lookup, read the results, copy the relevant parts back into the chat window, and resume. Every context switch costs minutes and dissolves the thread of reasoning you had with the model.

For domain-centric work — due diligence on an acquisition target, a security audit of a vendor's infrastructure, a phishing investigation, competitive research — this friction compounds. A single investigation routinely involves a dozen WHOIS queries, several DNS lookups, SSL certificate checks, and availability probes across multiple TLDs. Doing that manually, interleaved with an AI conversation, is slow and error-prone. Relevant data gets summarised imprecisely in the paste, the model loses nuance, and the back-and-forth multiplies.

The deeper issue is that current AI assistants are excellent at reasoning over data but have no way to fetch live, structured domain intelligence on their own. Every integration has required custom glue code: a function tool wrapper, a webhook, a retrieval layer. For most teams, that cost has been high enough that they simply don't build it — and continue switching tabs instead.

What the Model Context Protocol changes

The Model Context Protocol (MCP) is an open standard, developed by Anthropic, that defines a structured way for AI clients to call external tools — APIs, databases, local services — in a safe and composable manner. An MCP server exposes a set of named tools with typed inputs and outputs. A compatible AI client discovers those tools automatically and can invoke them in response to natural-language instructions, without the user writing a single line of integration code. The protocol handles authentication, schema validation, and structured error responses. From the model's perspective, calling a live WHOIS API is no different from calling a built-in capability. From the user's perspective, they just ask a question.

What we built: four domain intelligence tools

The WhoisJSON MCP server exposes four tools, each mapping directly to a WhoisJSON REST endpoint. They cover the complete surface of domain intelligence that practitioners need on a daily basis.

Here is what a real session looks like once the server is connected:

How to set it up

The server is published as a(href="https://www.npmjs.com/package/@whoisjson/mcp-server" target="_blank" rel="noopener") @whoisjson/mcp-server | on npm and runs via code npx | — nothing to install permanently. Add the block below to your client's config file, replace code YOUR_API_KEY | , and restart.

Claude Desktop

Edit %APPDATA%\Claude\claude_desktop_config.json (Windows) or ~/Library/Application Support/Claude/claude_desktop_config.json (macOS), then restart Claude.

{
  "mcpServers": {
    "whoisjson": {
      "command": "npx",
      "args": ["-y", "@whoisjson/mcp-server"],
      "env": {
        "WHOISJSON_API_KEY": "YOUR_API_KEY"
      }
    }
  }
}

Cursor

Open Settings → MCP → Add new MCP server, choose command type, and paste the config into ~/.cursor/mcp.json.

{
  "mcpServers": {
    "whoisjson": {
      "command": "npx",
      "args": ["-y", "@whoisjson/mcp-server"],
      "env": {
        "WHOISJSON_API_KEY": "YOUR_API_KEY"
      }
    }
  }
}

Windsurf

Open Cascade → MCP Servers → Configure and add the entry to ~/.codeium/windsurf/mcp_config.json.

{
  "mcpServers": {
    "whoisjson": {
      "command": "npx",
      "args": ["-y", "@whoisjson/mcp-server"],
      "env": {
        "WHOISJSON_API_KEY": "YOUR_API_KEY"
      }
    }
  }
}

Who is this for

The MCP server is built for anyone who works with domain data regularly and wants that data available inside their AI workflow without friction. In practice, that means:

• Penetration testers and security researchers — run WHOIS, DNS, and SSL checks against target infrastructure directly inside Cursor or Claude without leaving the terminal session.
• Domain investors and brokers — check availability, registration history, and expiry dates across TLDs in a single conversation instead of juggling browser tabs.
• Development teams doing vendor due diligence — validate a third-party domain's ownership, certificate validity, and DNS hygiene before integrating a new service.
• Threat intelligence and fraud analysts — enrich indicators of compromise with live registration and DNS data, inline with the investigation, without switching tools.

What's next

The current server covers the four core endpoints — WHOIS, DNS, SSL, and availability. The most requested additions from early users include reverse IP lookup and domain history — feedback that will directly shape what gets built next.

The server is open source on GitHub. Issues and pull requests are welcome. If you want to track the package or discover other domain-related MCP servers, the official MCP server registry is a good starting point.

Conclusion

Domain intelligence has always been publicly available — the bottleneck has been access latency and workflow integration, not the data itself. The MCP server removes both. WHOIS lookups, DNS queries, SSL checks, and availability probes are now first-class capabilities inside Claude, Cursor, and Windsurf, invoked by a natural-language question with no code required.