MCP Server

Scored via MCP protocol probing: initialize handshake, tools/list conformance, and ping + tool invocation performance.

Scry

Free IPv4 lookups against a distributed attacker-observation corpus.

95/100
Operational Score
Score Breakdown
Availability: 30/30
Conformance: 30/30
Performance: 35/40
Key Metrics
Uptime 30d
100.0%
P95 Latency
340ms
Conformance
Pass
Trend
Stable
What's Being Tested
Availability
HTTP health check to the service endpoint
Responded with HTTP 200 in 340ms
Conformance
MCP initialize handshake + tools/list
Valid MCP server info returned, tools/list responded
Performance
MCP ping + zero-arg tool invocation benchmarking
P95 latency: 340ms, task completion: 100%
Skills
scry_stats

Returns aggregate Scry corpus telemetry: total observation count, distinct source IPs, first/last observation timestamps, last-24h activity, and per-protocol breakdowns. Useful as a liveness/density check before issuing per-IP queries — lets an agent decide whether the corpus has enough data to be authoritative.

Use this tool when:
- An agent is planning a multi-step investigation and wants to know if Scry has corpus density worth querying.
- You want a 'corpus health' signal in a dashboard or report.

Do NOT use this tool when:
- You want details about a specific IP — use `scry_check`.
- You want sensor fleet size or node identities — never exposed at any tier.

Inputs: none.
Returns: total_observations, distinct_source_ips, first_seen_ms, last_seen_ms, observations_last_24h, distinct_source_ips_last_24h, by_protocol, as_of_ms.
Cost: free, anonymous, rate-limited.
Latency: <100ms typical.

scry_check

Returns Scry's corpus knowledge for a single IPv4 address: when it was first/last observed, observation count, protocols and ports targeted, ASN, country, category (actor/scanner/not_observed), and confidence_bucket (low/medium/high). Use when an agent needs IP triage, hostility assessment, or risk signaling. Do NOT use for raw payloads (never exposed) or IPv6 (corpus is v4-only at v0.1).

scry_check_bulk

Look up many IPv4 addresses in one request. Up to 100 IPs per call. Same per-IP shape as scry_check, keyed by IP.

scry_top

Top-N source dimensions over a time window. Useful for situational awareness — 'where is the noise coming from right now?'

scry_timeseries

Bucketed observation counts over time. Detect bursts, plot trends, sanity-check whether attacker activity is rising or falling.

scry_asn

Roll-up of corpus activity for a single ASN — observation count, distinct source IPs, actor count, scanner count, high-confidence actor count, and per-protocol breakdown.

scry_country

Roll-up of corpus activity by ISO country code. Same shape as scry_asn.

scry_tools

List detected attack tools — (protocol, payload, path) tuples sent by 3+ distinct source IPs. Aggregate metadata only; never lists member actors.

scry_tool

Single tool detail by 16-char hex id from scry_tools.

scry_campaigns

Active threat campaigns — coordinated attacker activity that exceeds the noise floor. ≥5 distinct actors, ≥3 ASNs, ≤5 destination ports, ≥1h history.

scry_campaign

Single campaign detail by id (format: c[0-9a-f]{15}).

scry_recent

Recent observations feed — aggregated by source IP within a time window. Cursor-paginated via since_ms.

Tools
12 tools verified via live probe
verified 2d ago
Server: scry
Version: 0.5.0
Protocol: 2025-03-26
Recent Probe Results
Timestamp | Status | Latency | Conformance
Jun 25, 2026 | success | 340ms | Pass
Jun 24, 2026 | success | 337ms | Pass
Jun 17, 2026 | success | 326.3ms | Pass
Jun 16, 2026 | success | 345.6ms | Pass
Jun 16, 2026 | success | 432.1ms | Pass
Jun 15, 2026 | success | 386.3ms | Pass
Jun 12, 2026 | success | 472.1ms | Pass
Jun 11, 2026 | success | 430.4ms | Pass
Jun 11, 2026 | success | 333.1ms | Pass
Jun 10, 2026 | success | 378.6ms | Pass
Source Registries
mcp-registry
First Seen
May 9, 2026
Last Seen
Jun 25, 2026
Last Probed
Jun 25, 2026