`ip_reputation`

Pack: isc-sans · Endpoint: https://gateway.pipeworx.io/isc-sans/mcp

Look up an IPv4 address in the SANS ISC DShield database — its attack-report history, ASN/owner, abuse contact, and risk. A high report_count means the IP is an active attack source (firewall logs submitted by sensors worldwide). report_count null/0 = no malicious activity reported. The comment field often names known infrastructure (e.g. “Google public recursive name server”). Keyless.

Parameters

Name	Type	Required	Description
`ip`	string	yes	An IPv4 address, e.g. “8.8.8.8” or “45.155.205.233”.

Example call

curl -X POST https://gateway.pipeworx.io/isc-sans/mcp \
  -H 'Content-Type: application/json' \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"ip_reputation","arguments":{}}}'

Connect

Add this to your MCP client config, or use one-click install buttons:

{
  "mcpServers": {
    "isc-sans": {
      "url": "https://gateway.pipeworx.io/isc-sans/mcp"
    }
  }
}

See Getting Started for client-specific install steps.

ip_reputation

Parameters

Example call

Connect

Was this helpful?

`ip_reputation`