IP Check for WAF Logs

Tracking since May 2, 2026.

Changelog

• May 19, 2026
  description

  Automatically detects IPv4 addresses in the AWS WAF Sampled Requests view and lets you check them against AbuseIPDB with a single click. Results including
  abuse score, country, ISP, and report count appear in an overlay panel directly on the page, without leaving your current tab.
  
  Built for security analysts, DevOps and AWS users who investigate suspicious traffic in the AWS Console. Instead of manually copying source IPs into
  AbuseIPDB, the extension highlights every IPv4 address it finds and puts the lookup one click away.
  
  Features:
  - Instant AbuseIPDB lookup for any IPv4 address found on the page
  - On-page result panel with score, risk level, country, ISP, domain, and hostnames
  - Local cache to avoid redundant API calls
  - Configurable abuse score threshold, cache duration, and API key
  - No data sent anywhere except directly to the AbuseIPDB API using your own key
  
  Note: This extension only runs on the AWS Management Console (console.aws.amazon.com).
  
  Requires a free AbuseIPDB API key. Get one at abuseipdb.com.
  
  Disclaimer: This extension is an independent, unofficial tool and is not affiliated with, endorsed by, or associated with AbuseIPDB or Amazon Web Services (AWS) in any way. "AWS" and "AbuseIPDB" are trademarks of their respective owners.

  Automatically detects IPv4 and IPv6 addresses in supported AWS and Google Cloud console log views and lets you check them against AbuseIPDB with a single click. Results including abuse score, country, ISP, domain, hostnames, report count, and cache age appear in an overlay panel directly on the page, without leaving your current tab.
  
  Built for security analysts, DevOps engineers, and cloud users who investigate suspicious traffic in WAF and log data. Instead of manually copying source IPs into AbuseIPDB, the extension highlights detected IP addresses and puts the lookup one click away.
  
  Supported views include AWS WAF Sampled Requests, AWS CloudWatch Log Streams, and Google Cloud Logs Explorer.
  
  Features:
  - Instant AbuseIPDB lookup for detected IPv4 and IPv6 addresses
  - On-page result panel with score, risk level, country, ISP, domain, hostnames, report count, and cache age
  - Local cache to avoid redundant API calls
  - Popup toggle to enable or disable IP scanning
  - Configurable API key, AbuseIPDB max report age, cache duration, cache usage, and dark mode
  - API key validation from the options page
  - No telemetry, analytics, or remote configuration
  - No data sent anywhere except directly to the AbuseIPDB API using your own key
  
  Note: This extension only runs on supported AWS and Google Cloud console pages.
  
  Requires a free AbuseIPDB API key. Get one at abuseipdb.com.
  
  Disclaimer: This extension is an independent, unofficial tool and is not affiliated with, endorsed by, or associated with AbuseIPDB, Amazon Web Services (AWS), or Google Cloud in any way. "AWS", "Google Cloud", and "AbuseIPDB" are trademarks of their respective owners.
  
  Changelog:
  
  Version 0.3.0
  - Added IPv6 detection and lookup
  - Added Google Cloud Logs Explorer support
  - Added AWS CloudWatch Log Streams support
  - Fixed popup cache summary wrapping for long IPv6 addresses
  
  Version 0.2.3
  - Initial release on the Chrome Web Store
  - Added cache age display for locally cached lookup results
  - Added API key validation from the options page
  - Added Escape key support to close the on-page result panel
  
  Version 0.2.2
  - Renamed the extension to IP Check for WAF Logs to keep third-party trademark references descriptive
  
  Version 0.2.1
  - Updated Chrome extension icon assets
  
  Version 0.2.0
  - Added a popup toggle to enable or disable inline IP scanning
  - Scanning remains enabled by default and the preference is stored locally
  
  Version 0.1.0
  - Added IPv4 detection on AWS Console pages
  - Added on-demand AbuseIPDB lookup using the user's own API key
  - Stored settings and cached lookup results locally only

• May 19, 2026
  short_description

  Detects IPv4 addresses in the AWS Console and checks them against AbuseIPDB on click. Designed for AWS WAF Sampled Logs.

  Detects IPv4 and IPv6 addresses in AWS and GCP console logs and checks them against AbuseIPDB on click.

• May 19, 2026
  host_permissions

  https://api.abuseipdb.com/*, https://*.console.aws.amazon.com/*

  https://api.abuseipdb.com/*, https://console.aws.amazon.com/*, https://*.console.aws.amazon.com/*, https://console.cloud.google.com/*

Permissions & access

Permissions

storage

Host access

https://api.abuseipdb.com/*, https://console.aws.amazon.com/*, https://*.console.aws.amazon.com/*, https://console.cloud.google.com/*

Screenshots