mcp-abuseipdb
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@mcp-abuseipdbCheck IP 8.8.8.8 for abuse reports"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
An MCP server that exposes AbuseIPDB threat intelligence as tools — ask Claude (or any MCP client) whether an IP, subnet, or set of reports looks malicious, and get real data back instead of a guess.
Tools
Tool | What it does |
| Check a single IP — abuse confidence score, ISP, country, usage type, report count, optionally the last 10 individual reports |
| Check a CIDR network block (up to |
| Get the individual abuse reports filed against an IP — who reported it, why, and when, paginated |
| Get the most-reported IPs overall. Free tier is capped at confidence 100 regardless of what you ask for; paid tiers can widen the range |
Related MCP server: FastMCP ThreatIntel
Prerequisites
Node.js 18+
A free AbuseIPDB API key (free tier: 1,000 checks/day, 5 blacklist calls/day)
Setup
git clone https://github.com/abe-source/mcp-abuseipdb.git
cd mcp-abuseipdb
npm install
npm run buildAdd it to your MCP client config (e.g. Claude Desktop's claude_desktop_config.json):
{
"mcpServers": {
"abuseipdb": {
"command": "node",
"args": ["/absolute/path/to/mcp-abuseipdb/dist/index.js"],
"env": {
"ABUSEIPDB_API_KEY": "your-api-key-here"
}
}
}
}Restart your client, then try asking:
"Has 8.8.8.8 been reported for anything?"
"Check my office subnet 203.0.113.0/24 for abuse reports"
"What are the most reported IPs right now?"
How it works
MCP client (Claude, Inspector, ...)
│ stdio, JSON-RPC
▼
McpServer (src/server.ts)
│
▼
tools/*.ts — one file per tool: Zod schema + handler, formats the reply
│
▼
endpoints/*.ts — one file per AbuseIPDB endpoint: typed request + response
│
▼
abuseipdbClient.ts — auth header, response envelope, AbuseIPDB error parsing
│
▼
client.ts — generic fetch wrapper, timeout, HTTP error handling
│
▼
AbuseIPDB REST APIEach layer knows nothing about the one above it. client.ts doesn't know AbuseIPDB exists; endpoints/ doesn't know MCP exists. Adding a new tool means one new file in endpoints/, one new file in tools/, one line in tools/index.ts — nothing else changes.
Tool arguments are validated with Zod before any handler runs — a malformed request never reaches the API.
Development
npm run build # compile TypeScript
npm run lint # check formatting + lint rules
npm run check # lint + format + fix, in placeTest locally with the MCP Inspector:
npx @modelcontextprotocol/inspector --cli node --env-file=.env dist/index.js --method tools/call --tool-name check_ip --tool-arg ip=8.8.8.8License
MIT
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/abe-source/mcp-abuseipdb'
If you have feedback or need assistance with the MCP directory API, please join our Discord server