Privacy Policy — IOC Inspector

Last updated: April 30, 2026 · Publisher: RYMANTECH

Summary

IOC Inspector is a browser extension for security professionals that queries multiple threat intelligence APIs to assess the reputation of URLs, domains, and IP addresses. We do not collect, transmit, sell, or share any user data. All processing happens locally in your browser. API requests go directly from your browser to the threat intelligence providers — never through any server we operate.

What data the extension stores

The extension uses Chrome/Edge's built-in storage APIs to save the following data locally in your browser only:

Data	Storage type	Purpose
API keys (VirusTotal, AbuseIPDB, abuse.ch)	chrome.storage.sync	Authentication when calling the respective APIs
Theme preference (light/dark)	chrome.storage.sync	UI preference
Enabled/disabled sources	chrome.storage.sync	UI preference
Last 10 search results	chrome.storage.local	Quick re-access of recent lookups
Last search (indicator + results)	chrome.storage.local	Restored when popup re-opens

chrome.storage.sync data is synced across browsers signed into the same Google/Microsoft account by the browser itself — the publisher does not have access to it.

What data the extension transmits

When you initiate a scan, the extension sends the indicator (URL/domain/IP you entered) directly to the third-party services you have enabled, using the API keys you have provided. The publisher does not operate any intermediary server. These services may have their own privacy policies:

Service	Privacy policy
VirusTotal	virustotal.com
AbuseIPDB	abuseipdb.com
URLScan.io	urlscan.io
AlienVault OTX	alienvault.com
abuse.ch (ThreatFox, URLHaus)	abuse.ch

For the "manual lookup" sources (Cisco Talos, IPVoid, MXToolBox, CrowdSec, RST Cloud, ThreatBook, X-Force Exchange, Scamalytics), the extension only constructs URLs — it does not send any data to those sites unless you click the "open" link, in which case your browser navigates to the lookup page like any other web link.

What data the extension does NOT collect

No analytics of any kind. No Google Analytics, no Datadog, no telemetry.
No browsing history access. The extension does not read tabs you have not actively scanned.
No personal information. The extension does not request, collect, or store your name, email, or any identifying information.
No advertising trackers of any kind.
No data sold or shared with any third party. Period.

Permissions explained

Permission	Why it's needed
storage	Save your API keys, preferences, and recent searches locally
activeTab	Pre-fill the search box with the current tab's hostname for convenience
contextMenus	Provide the right-click "Inspect with IOC Inspector" option
clipboardWrite	Copy formatted reports to your clipboard when you click "COPY"
Host permissions (6 threat intel API hosts)	Make HTTPS requests to those specific APIs on your behalf

Children's privacy

IOC Inspector is a security professional tool not directed at children under 13. It does not knowingly collect data from anyone.

Changes to this policy

If we change this policy, we will update the "Last updated" date and post the new policy at the same URL. Material changes will be noted in the extension's release notes on the Chrome Web Store and Microsoft Edge Add-ons.

Contact

GitHub Issues: github.com/ree-l/ioc-inspector/issues
Email: support@rymantech.com

RYMANTECH