IP Check for WAF Logs

Detects IPv4 and IPv6 addresses in AWS and GCP console logs and checks them against AbuseIPDB on click.

Automatically detects IPv4 and IPv6 addresses in supported AWS and Google Cloud console log views and lets you check them against AbuseIPDB with a single click. Results including abuse score, country, ISP, domain, hostnames, report count, and cache age appear in an overlay panel directly on the page, without leaving your current tab. Built for security analysts, DevOps engineers, and cloud users who investigate suspicious traffic in WAF and log data. Instead of manually copying source IPs into AbuseIPDB, the extension highlights detected IP addresses and puts the lookup one click away. Supported views include AWS WAF Sampled Requests, AWS CloudWatch Log Streams, and Google Cloud Logs Explorer. Features: - Instant AbuseIPDB lookup for detected IPv4 and IPv6 addresses - On-page result panel with score, risk level, country, ISP, domain, hostnames, report count, and cache age - Local cache to avoid redundant API calls - Popup toggle to enable or disable IP scanning - Configurable API key, AbuseIPDB max report age, cache duration, cache usage, and dark mode - API key validation from the options page - No telemetry, analytics, or remote configuration - No data sent anywhere except directly to the AbuseIPDB API using your own key Note: This extension only runs on supported AWS and Google Cloud console pages. Requires a free AbuseIPDB API key. Get one at abuseipdb.com. Disclaimer: This extension is an independent, unofficial tool and is not affiliated with, endorsed by, or associated with AbuseIPDB, Amazon Web Services (AWS), or Google Cloud in any way. "AWS", "Google Cloud", and "AbuseIPDB" are trademarks of their respective owners. Changelog: Version 0.3.0 - Added IPv6 detection and lookup - Added Google Cloud Logs Explorer support - Added AWS CloudWatch Log Streams support - Fixed popup cache summary wrapping for long IPv6 addresses Version 0.2.3 - Initial release on the Chrome Web Store - Added cache age display for locally cached lookup results - Added API key validation from the options page - Added Escape key support to close the on-page result panel Version 0.2.2 - Renamed the extension to IP Check for WAF Logs to keep third-party trademark references descriptive Version 0.2.1 - Updated Chrome extension icon assets Version 0.2.0 - Added a popup toggle to enable or disable inline IP scanning - Scanning remains enabled by default and the preference is stored locally Version 0.1.0 - Added IPv4 detection on AWS Console pages - Added on-demand AbuseIPDB lookup using the user's own API key - Stored settings and cached lookup results locally only