What is ipdb.me?
ipdb.me is an internet numbers search engine that lets you look up and analyze the building blocks of the internet. Enter any IP address, domain name, ASN, CIDR range, MAC address, or URL into the search bar and get detailed, structured information back instantly.
The service provides IP geolocation (city, region, country, coordinates), reverse DNS lookups, autonomous system identification, CIDR subnet calculations, domain DNS resolution, MAC address vendor identification via the IEEE OUI database, and URL analysis with HEAD request probing. All results are available both as a human-readable web page and as structured JSON through the API.
Who is it for?
ipdb.me is built for network engineers troubleshooting connectivity issues, system administrators investigating traffic sources, security researchers analyzing suspicious addresses, and software developers integrating IP intelligence into their applications. Whether you need a quick one-off lookup from the browser or programmatic access through the REST API, ipdb.me has you covered.
For a deeper understanding of the internet identifiers ipdb.me supports, see the Network Fundamentals section below. For programmatic access, jump to the API Reference.
IP Addresses
An Internet Protocol (IP) address is a numerical label assigned to every device connected to a computer network that uses the Internet Protocol for communication. IP addresses serve two fundamental purposes: identifying the host or network interface, and providing the location of the host in the network topology so that traffic can be routed to it.
IPv4
IPv4 addresses are 32-bit numbers typically written in dotted-decimal notation, such as 192.0.2.1. This gives a theoretical address space of about 4.3 billion unique addresses. Defined in RFC 791 (1981), IPv4 has been the dominant protocol for decades, but its address space was fully exhausted by IANA in 2011, driving the transition to IPv6.
IPv6
IPv6 addresses are 128-bit numbers written in colon-separated hexadecimal groups, such as 2001:0db8:85a3::8a2e:0370:7334. With a staggering 340 undecillion possible addresses, IPv6 was designed to solve the exhaustion problem for the foreseeable future. Defined in RFC 8200, IPv6 also brings improvements like simplified header processing and built-in support for IPsec.
Special and Reserved Ranges
Not all IP addresses are routable on the public internet. Several ranges are reserved for specific purposes: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 are designated for private networks (RFC 1918). The loopback address 127.0.0.1 refers to the local host itself. Link-local addresses (169.254.0.0/16 for IPv4, fe80::/10 for IPv6) are used for communication within a single network segment. ipdb.me detects these special ranges and displays the relevant RFC information instead of attempting a geolocation lookup.
Try it out: Look up an IP address using the API
CIDR Notation
Classless Inter-Domain Routing (CIDR) is a method for allocating IP addresses and specifying IP network ranges. Introduced in 1993 by RFC 1519, CIDR replaced the earlier classful addressing system (Class A, B, C) which wasted large portions of the address space. CIDR allows network boundaries to fall on any bit position, enabling far more efficient allocation.
How It Works
A CIDR notation combines an IP address with a prefix length separated by a slash, such as 192.168.1.0/24. The prefix length indicates how many leading bits of the address define the network portion. In this example, the first 24 bits identify the network and the remaining 8 bits identify individual hosts, yielding 254 usable host addresses (2^8 minus network and broadcast addresses).
Subnet Calculations
Given a CIDR block, you can derive several useful values: the network address (first address in the range), the broadcast address (last address), the subnet mask (e.g., 255.255.255.0 for a /24), and the total number of host addresses. For example, 10.0.0.0/16 spans from 10.0.0.0 to 10.0.255.255 with 65,534 usable hosts. ipdb.me performs these calculations automatically when you look up any CIDR range.
CIDR in Practice
CIDR is fundamental to how the internet works today. Internet Service Providers use CIDR to aggregate routes and keep the global BGP routing table manageable. Network administrators use it to design subnets within their organizations. Understanding CIDR is essential for anyone working with network infrastructure, firewall rules, or access control lists.
Try it out: Calculate a CIDR range using the API
Domain Names
The Domain Name System (DNS) is often described as the phone book of the internet. Rather than memorizing numerical IP addresses, users can type human-readable names like example.com into their browser and DNS translates those names into the IP addresses that computers use to route traffic.
DNS Hierarchy
Domain names are organized in a hierarchical tree structure. At the top sits the root zone (managed by IANA), below which are Top-Level Domains (TLDs) like .com, .org, and country-code TLDs like .ch or .de. Second-level domains (e.g., example in example.com) are registered by individuals and organizations through domain registrars. Subdomains like www or mail can be freely created by the domain owner.
DNS Record Types
A domain can have multiple types of DNS records. A and AAAA records map a domain to IPv4 and IPv6 addresses respectively. MX records specify mail servers with priorities for email delivery. NS records delegate a domain to authoritative name servers. Other common types include CNAME (aliases), TXT (arbitrary text, often used for SPF/DKIM email authentication), and SOA (start of authority). ipdb.me resolves and displays A, AAAA, MX, and NS records for any domain you look up.
Internationalized Domain Names
Not all domain names use ASCII characters. Internationalized Domain Names (IDN) allow the use of scripts like Chinese, Arabic, or Cyrillic through a system called Punycode. For example, the domain munchen.de with an umlaut is encoded as xn--mnchen-3ya.de in Punycode. ipdb.me detects IDN domains and shows both the Unicode and Punycode representations.
Try it out: Look up a domain using the API
Autonomous System Numbers
An Autonomous System (AS) is a collection of IP networks under the control of a single organization that presents a common routing policy to the internet. Each AS is identified by a unique Autonomous System Number (ASN) assigned by one of the five Regional Internet Registries (RIRs): ARIN (North America), RIPE NCC (Europe/Middle East/Central Asia), APNIC (Asia-Pacific), LACNIC (Latin America), and AFRINIC (Africa).
Role in Internet Routing
ASNs are the backbone of inter-domain routing via the Border Gateway Protocol (BGP). When data travels across the internet, it passes through multiple autonomous systems. Each AS announces the IP prefixes it is responsible for to its BGP neighbors, and routers use this information to determine the best path for packets. For example, AS13335 (Cloudflare) announces prefixes like 1.1.1.0/24, telling the rest of the internet to send traffic for those addresses to Cloudflare's network.
Public and Private ASNs
ASNs come in two ranges: 16-bit (1 to 65,535) and 32-bit (1 to 4,294,967,295, introduced by RFC 6793). Numbers 64,512 to 65,534 in the 16-bit range and 4,200,000,000 to 4,294,967,294 in the 32-bit range are reserved for private use within organizations and are not visible on the public internet. The remaining numbers are allocated to organizations for public BGP peering.
Why ASN Lookups Matter
Looking up an ASN reveals which organization operates a network and what IP prefixes it announces. This is valuable for network troubleshooting, peering decisions, abuse reporting, and understanding the topology of the internet. ipdb.me provides the AS name and its announced prefixes for any ASN you query.
Try it out: Look up an ASN using the API
MAC Addresses
A Media Access Control (MAC) address is a 48-bit hardware identifier assigned to every network interface controller (NIC) — whether it is an Ethernet port, a Wi-Fi adapter, or a Bluetooth radio. MAC addresses operate at Layer 2 (the data link layer) of the OSI model and are used to deliver frames within a local network segment, before IP routing takes over for communication across networks.
Structure and OUI
A MAC address is typically written as six pairs of hexadecimal digits, such as 00:1A:2B:3C:4D:5E. The first three octets (00:1A:2B) form the Organizationally Unique Identifier (OUI), which is assigned by the IEEE to hardware manufacturers. The remaining three octets are assigned by the manufacturer to individual devices. By looking up the OUI prefix, you can determine which company manufactured a network interface — useful for identifying devices on a network.
Common Formats
MAC addresses appear in several notations depending on the operating system and vendor. Linux and most tools use colon-separated format (00:1a:2b:3c:4d:5e), Windows and IEEE 802 standards use dashes (00-1A-2B-3C-4D-5E), and Cisco equipment uses dot-separated groups of four (001a.2b3c.4d5e). ipdb.me accepts any of these formats and displays all of them in the results.
Practical Uses
Identifying the manufacturer behind a MAC address helps network administrators inventory devices, troubleshoot connectivity issues, and detect rogue hardware on their networks. Security teams use OUI lookups to profile devices during network assessments. ipdb.me queries the IEEE OUI database — which contains over 30,000 registered manufacturer prefixes — to provide instant vendor identification.
Try it out: Look up a MAC address using the API
URLs
A Uniform Resource Locator (URL) is the address used to access any resource on the web. Defined in RFC 3986, a URL specifies not just where a resource is located but also how to retrieve it. Every time you click a link, type a web address, or make an API call, you are using a URL.
URL Structure
A URL is composed of several parts: the scheme (e.g., https, ftp, mailto) defines the protocol, the host identifies the server (as a domain name or IP address), the optional port overrides the protocol default (e.g., :8080), the path specifies the resource on the server, the query string passes key-value parameters (after ?), and the fragment (after #) points to a specific section within the resource.
For example, in https://example.com:8080/search?q=test#results, the scheme is https, the host is example.com, the port is 8080, the path is /search, the query is q=test, and the fragment is results.
URL Encoding
URLs can only contain a limited set of ASCII characters. Special characters — including spaces, non-ASCII letters, and reserved characters like & or = outside their intended role — must be percent-encoded. For example, a space becomes %20 and an ampersand becomes %26. This encoding ensures URLs can be transmitted unambiguously across all systems.
What ipdb.me Shows
When you look up a URL on ipdb.me, the service parses it into its component parts, resolves the hostname to its IP addresses, and performs a HEAD request to check the server's response. The results include HTTP status code, content type, server software, response time, and all response headers — giving you a quick health check of any web endpoint.
Try it out: Analyze a URL using the API
Email Addresses
An email address identifies a mailbox where messages can be delivered. Defined in RFC 5321, it consists of a local part (before the @) and a domain part (after the @), such as [email protected]. While the format looks simple, the infrastructure behind email delivery and security involves several DNS-based authentication and policy mechanisms.
SPF (Sender Policy Framework)
SPF (RFC 7208) lets a domain declare which mail servers are authorized to send email on its behalf. The domain publishes a TXT record starting with v=spf1 that lists allowed IP addresses and hostnames. When a receiving server gets an email, it checks whether the sending server's IP matches the SPF record. If it doesn't, the message may be rejected or flagged as suspicious. SPF is the foundation of email authentication, but on its own it only verifies the envelope sender — it doesn't protect the "From" header that users see.
DMARC (Domain-based Message Authentication, Reporting & Conformance)
DMARC (RFC 7489) builds on SPF and DKIM to give domain owners control over what happens when authentication fails. A DMARC record is published as a TXT record at _dmarc.example.com and specifies a policy: p=none (monitor only), p=quarantine (deliver to spam), or p=reject (block entirely). DMARC also enables reporting — receiving servers can send aggregate reports back to the domain owner, showing who is sending email using their domain. A strict DMARC policy (p=reject) is the most effective defense against email spoofing.
MTA-STS (Mail Transfer Agent Strict Transport Security)
MTA-STS (RFC 8461) enforces TLS encryption for email in transit. Without it, SMTP connections between mail servers can be silently downgraded to unencrypted plaintext by an attacker (a "downgrade attack"). A domain enables MTA-STS by publishing a TXT record at _mta-sts.example.com and hosting a policy file at https://mta-sts.example.com/.well-known/mta-sts.txt. The policy tells sending servers to only deliver mail over authenticated TLS connections, preventing interception of messages between servers.
BIMI (Brand Indicators for Message Identification)
BIMI (currently a draft standard) allows domains to display their brand logo next to authenticated emails in supporting mail clients. A BIMI record is published as a TXT record at default._bimi.example.com and contains a URL pointing to the brand's logo in SVG format. BIMI requires a DMARC policy of p=quarantine or p=reject as a prerequisite, which means it also serves as an incentive for domains to adopt strict email authentication. Some providers additionally require a Verified Mark Certificate (VMC) to display the logo.
TLS-RPT (TLS Reporting)
TLS-RPT (RFC 8460) provides a reporting mechanism for MTA-STS and DANE failures. A domain publishes a TXT record at _smtp._tls.example.com specifying where to send reports (typically a mailto: or https: URI). When a sending server fails to establish a secure TLS connection as required by MTA-STS, it generates a report and sends it to the specified address. This gives domain owners visibility into TLS negotiation failures that might indicate misconfiguration or active attacks.
Security Grade
ipdb.me assigns a security grade (A through F) based on the combination of authentication records found for the email's domain:
| Grade | Criteria |
|---|---|
| A | SPF + DMARC with p=reject + MTA-STS |
| B | SPF + DMARC with p=quarantine |
| C | SPF + DMARC with p=none |
| D | SPF only, no DMARC |
| F | No SPF record |
Try it out: Analyze an email address using the API
Overview
The ipdb.me API provides programmatic access to IP geolocation, DNS records, ASN data, CIDR calculations, URL analysis, MAC address vendor lookups, and email address analysis. All endpoints return JSON and require an API key.
Base URL
https://ipdb.me/api/v1
Authentication
All API requests require an X-API-Key header. Sign up for a free account to get your API key.
curl -H "X-API-Key: YOUR_API_KEY" https://ipdb.me/api/v1/ip/8.8.8.8
Requests without a valid API key return 401 Unauthorized.
Response Format
All successful responses follow a consistent envelope:
{
"status": "success",
"data": { }
}
Error responses use the same envelope with an error object:
{
"status": "error",
"error": {
"code": "ERROR_CODE",
"message": "Human-readable description"
}
}
Error Codes
| Code | HTTP Status | Description |
|---|---|---|
AUTH_REQUIRED |
401 | No API key provided |
INVALID_API_KEY |
401 | API key is invalid or revoked |
INVALID_IP |
400 | Not a valid IPv4 or IPv6 address |
INVALID_DOMAIN |
400 | Not a valid domain name |
INVALID_ASN |
400 | Not a valid Autonomous System Number |
INVALID_CIDR |
400 | Not a valid CIDR notation |
INVALID_URL |
400 | Not a valid URL |
INVALID_MAC |
400 | Not a valid MAC address |
INVALID_EMAIL |
400 | Not a valid email address |
UNKNOWN_TYPE |
400 | Empty or unrecognizable query |
CORS
The API allows cross-origin requests from any origin. Allowed methods are GET and OPTIONS.
Rate Limiting
There are currently no rate limits. Please be respectful and avoid excessive automated requests.
Type Detection
GET /api/v1/type/{query}
Detects what kind of internet identifier a query string is and returns the appropriate API endpoint for a full lookup.
Parameters
| Parameter | Type | Description |
|---|---|---|
query |
string | Any IP, domain, ASN, CIDR, URL, or MAC address |
Response Fields
| Field | Type | Description |
|---|---|---|
type |
string | One of: ip, ip_special, cidr, domain, asn, url, mac, unknown |
query |
string | Normalized form of the input |
endpoint |
string or null | Full URL for the appropriate lookup endpoint |
Example
curl -s -H "X-API-Key: YOUR_API_KEY" \
https://ipdb.me/api/v1/type/8.8.8.8
req, err := http.NewRequest("GET", "https://ipdb.me/api/v1/type/8.8.8.8", nil)
if err != nil {
log.Fatal(err)
}
req.Header.Set("X-API-Key", "YOUR_API_KEY")
resp, err := http.DefaultClient.Do(req)
if err != nil {
log.Fatal(err)
}
defer resp.Body.Close()
var result map[string]interface{}
json.NewDecoder(resp.Body).Decode(&result)
fmt.Println(result)
import requests
r = requests.get("https://ipdb.me/api/v1/type/8.8.8.8",
headers={"X-API-Key": "YOUR_API_KEY"})
print(r.json())
const res = await fetch("https://ipdb.me/api/v1/type/8.8.8.8", {
headers: { "X-API-Key": "YOUR_API_KEY" }
});
const data = await res.json();
console.log(data);
const https = require('https');
const options = {
headers: { 'X-API-Key': 'YOUR_API_KEY' }
};
https.get('https://ipdb.me/api/v1/type/8.8.8.8', options, (res) => {
let data = '';
res.on('data', (chunk) => data += chunk);
res.on('end', () => {
const result = JSON.parse(data);
console.log(result);
});
});
require 'net/http'
require 'json'
uri = URI("https://ipdb.me/api/v1/type/8.8.8.8")
req = Net::HTTP::Get.new(uri)
req["X-API-Key"] = "YOUR_API_KEY"
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) { |http| http.request(req) }
data = JSON.parse(res.body)
puts data
Example Response
{
"type": "ip",
"query": "8.8.8.8",
"endpoint": "https://ipdb.me/api/v1/ip/8.8.8.8"
}
IP Lookup
GET /api/v1/ip/{ip}
Returns geolocation, ASN, reverse DNS, and anycast detection data for an IPv4 or IPv6 address.
Parameters
| Parameter | Type | Description |
|---|---|---|
ip |
string | An IPv4 or IPv6 address |
Response Fields
| Field | Type | Description |
|---|---|---|
ip |
string | The queried IP address |
version |
integer | 4 or 6 |
is_special |
boolean | Whether this is a reserved/special IP |
geo |
object | Geolocation data (city, region, country, coordinates, timezone) |
asn |
object | Autonomous System info (number, name) |
anycast |
object | Anycast detection (detected, confidence, score, operator info) |
reverse_dns |
array | Reverse DNS hostnames |
For special/reserved IPs, geo and asn are omitted. Instead special_rfc and special_description are returned.
Example
curl -s -H "X-API-Key: YOUR_API_KEY" \
https://ipdb.me/api/v1/ip/1.1.1.1
req, err := http.NewRequest("GET", "https://ipdb.me/api/v1/ip/1.1.1.1", nil)
if err != nil {
log.Fatal(err)
}
req.Header.Set("X-API-Key", "YOUR_API_KEY")
resp, err := http.DefaultClient.Do(req)
if err != nil {
log.Fatal(err)
}
defer resp.Body.Close()
var result map[string]interface{}
json.NewDecoder(resp.Body).Decode(&result)
fmt.Println(result)
import requests
r = requests.get("https://ipdb.me/api/v1/ip/1.1.1.1",
headers={"X-API-Key": "YOUR_API_KEY"})
data = r.json()
print(data["data"]["geo"]["country"])
const res = await fetch("https://ipdb.me/api/v1/ip/1.1.1.1", {
headers: { "X-API-Key": "YOUR_API_KEY" }
});
const { data } = await res.json();
console.log(data.geo.country);
const https = require('https');
const options = {
headers: { 'X-API-Key': 'YOUR_API_KEY' }
};
https.get('https://ipdb.me/api/v1/ip/1.1.1.1', options, (res) => {
let data = '';
res.on('data', (chunk) => data += chunk);
res.on('end', () => {
const result = JSON.parse(data);
console.log(result.data.geo.country);
});
});
require 'net/http'
require 'json'
uri = URI("https://ipdb.me/api/v1/ip/1.1.1.1")
req = Net::HTTP::Get.new(uri)
req["X-API-Key"] = "YOUR_API_KEY"
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) { |http| http.request(req) }
data = JSON.parse(res.body)
puts data["data"]["geo"]["country"]
Example Response
{
"status": "success",
"data": {
"ip": "1.1.1.1",
"version": 4,
"geo": {
"city": "Los Angeles",
"region": "California",
"country": "United States",
"country_code": "US",
"continent": "North America",
"postal_code": "90076",
"timezone": "America/Los_Angeles",
"coordinates": {
"lat": 34.0522,
"lon": -118.2437
}
},
"asn": {
"number": 13335,
"name": "CLOUDFLARENET"
},
"anycast": {
"detected": true,
"score": 1.0,
"confidence": "confirmed",
"is_known_operator": true,
"operator_name": "Cloudflare",
"service_type": "cdn"
},
"reverse_dns": [
"one.one.one.one."
]
}
}
Domain Lookup
GET /api/v1/domain/{domain}
Returns DNS records (A, AAAA, MX, NS) and IDN information for a domain name.
Parameters
| Parameter | Type | Description |
|---|---|---|
domain |
string | A valid domain name (e.g., example.com) |
Response Fields
| Field | Type | Description |
|---|---|---|
domain |
string | The queried domain |
is_idn |
boolean | Whether the domain is internationalized |
punycode |
string | Punycode representation (only if IDN) |
dns |
object | DNS records |
dns.a |
array | IPv4 address records |
dns.aaaa |
array | IPv6 address records |
dns.mx |
array | Mail exchange records (host, priority) |
dns.ns |
array | Name server records |
Example
curl -s -H "X-API-Key: YOUR_API_KEY" \
https://ipdb.me/api/v1/domain/example.com
req, err := http.NewRequest("GET", "https://ipdb.me/api/v1/domain/example.com", nil)
if err != nil {
log.Fatal(err)
}
req.Header.Set("X-API-Key", "YOUR_API_KEY")
resp, err := http.DefaultClient.Do(req)
if err != nil {
log.Fatal(err)
}
defer resp.Body.Close()
var result map[string]interface{}
json.NewDecoder(resp.Body).Decode(&result)
fmt.Println(result)
import requests
r = requests.get("https://ipdb.me/api/v1/domain/example.com",
headers={"X-API-Key": "YOUR_API_KEY"})
data = r.json()
for ip in data["data"]["dns"]["a"]:
print(ip)
const res = await fetch("https://ipdb.me/api/v1/domain/example.com", {
headers: { "X-API-Key": "YOUR_API_KEY" }
});
const { data } = await res.json();
console.log(data.dns.a);
const https = require('https');
const options = {
headers: { 'X-API-Key': 'YOUR_API_KEY' }
};
https.get('https://ipdb.me/api/v1/domain/example.com', options, (res) => {
let data = '';
res.on('data', (chunk) => data += chunk);
res.on('end', () => {
const result = JSON.parse(data);
console.log(result.data.dns.a);
});
});
require 'net/http'
require 'json'
uri = URI("https://ipdb.me/api/v1/domain/example.com")
req = Net::HTTP::Get.new(uri)
req["X-API-Key"] = "YOUR_API_KEY"
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) { |http| http.request(req) }
data = JSON.parse(res.body)
puts data["data"]["dns"]["a"]
Example Response
{
"status": "success",
"data": {
"domain": "example.com",
"dns": {
"a": [
"93.184.215.14"
],
"aaaa": [
"2606:2800:21f:cb07:6820:80da:af6b:8b2c"
],
"mx": [
{
"host": ".",
"priority": 0
}
],
"ns": [
"a.iana-servers.net.",
"b.iana-servers.net."
]
}
}
}
ASN Lookup
GET /api/v1/asn/{asn}
Returns the name and announced IP prefixes for an Autonomous System Number.
Parameters
| Parameter | Type | Description |
|---|---|---|
asn |
string | An ASN (e.g., 15169 or AS15169) |
Response Fields
| Field | Type | Description |
|---|---|---|
asn |
integer | The AS number |
name |
string | Organization name |
prefixes |
array | List of announced IP prefixes (CIDR notation) |
Example
curl -s -H "X-API-Key: YOUR_API_KEY" \
https://ipdb.me/api/v1/asn/13335
req, err := http.NewRequest("GET", "https://ipdb.me/api/v1/asn/13335", nil)
if err != nil {
log.Fatal(err)
}
req.Header.Set("X-API-Key", "YOUR_API_KEY")
resp, err := http.DefaultClient.Do(req)
if err != nil {
log.Fatal(err)
}
defer resp.Body.Close()
var result map[string]interface{}
json.NewDecoder(resp.Body).Decode(&result)
fmt.Println(result)
import requests
r = requests.get("https://ipdb.me/api/v1/asn/13335",
headers={"X-API-Key": "YOUR_API_KEY"})
data = r.json()
print(f"{data['data']['name']}: {len(data['data']['prefixes'])} prefixes")
const res = await fetch("https://ipdb.me/api/v1/asn/13335", {
headers: { "X-API-Key": "YOUR_API_KEY" }
});
const { data } = await res.json();
console.log(`${data.name}: ${data.prefixes.length} prefixes`);
const https = require('https');
const options = {
headers: { 'X-API-Key': 'YOUR_API_KEY' }
};
https.get('https://ipdb.me/api/v1/asn/13335', options, (res) => {
let data = '';
res.on('data', (chunk) => data += chunk);
res.on('end', () => {
const result = JSON.parse(data);
console.log(`${result.data.name}: ${result.data.prefixes.length} prefixes`);
});
});
require 'net/http'
require 'json'
uri = URI("https://ipdb.me/api/v1/asn/13335")
req = Net::HTTP::Get.new(uri)
req["X-API-Key"] = "YOUR_API_KEY"
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) { |http| http.request(req) }
data = JSON.parse(res.body)
puts "#{data['data']['name']}: #{data['data']['prefixes'].length} prefixes"
Example Response
{
"status": "success",
"data": {
"asn": 13335,
"name": "CLOUDFLARENET",
"prefixes": [
"1.0.0.0/24",
"1.1.1.0/24",
"103.21.244.0/22",
"104.16.0.0/13",
"104.24.0.0/14"
]
}
}
CIDR Calculation
GET /api/v1/cidr/{prefix}/{mask}
Calculates network details for a CIDR block including network address, broadcast address, netmask, and host count.
Parameters
| Parameter | Type | Description |
|---|---|---|
prefix |
string | Network address (e.g., 192.168.1.0) |
mask |
string | Prefix length (e.g., 24) |
The endpoint also accepts a single parameter format: GET /api/v1/cidr/{cidr} where cidr is URL-encoded (e.g., 192.168.1.0%2F24).
Response Fields
| Field | Type | Description |
|---|---|---|
network |
string | CIDR notation |
network_address |
string | Network address |
broadcast_address |
string | Broadcast address |
netmask |
string | Subnet mask |
host_count |
string | Number of usable host addresses |
asn |
object | ASN info for this prefix (number, name) |
Example
curl -s -H "X-API-Key: YOUR_API_KEY" \
https://ipdb.me/api/v1/cidr/10.0.0.0/8
req, err := http.NewRequest("GET", "https://ipdb.me/api/v1/cidr/10.0.0.0/8", nil)
if err != nil {
log.Fatal(err)
}
req.Header.Set("X-API-Key", "YOUR_API_KEY")
resp, err := http.DefaultClient.Do(req)
if err != nil {
log.Fatal(err)
}
defer resp.Body.Close()
var result map[string]interface{}
json.NewDecoder(resp.Body).Decode(&result)
fmt.Println(result)
import requests
r = requests.get("https://ipdb.me/api/v1/cidr/10.0.0.0/8",
headers={"X-API-Key": "YOUR_API_KEY"})
data = r.json()
print(f"Hosts: {data['data']['host_count']}")
const res = await fetch("https://ipdb.me/api/v1/cidr/10.0.0.0/8", {
headers: { "X-API-Key": "YOUR_API_KEY" }
});
const { data } = await res.json();
console.log(`Hosts: ${data.host_count}`);
const https = require('https');
const options = {
headers: { 'X-API-Key': 'YOUR_API_KEY' }
};
https.get('https://ipdb.me/api/v1/cidr/10.0.0.0/8', options, (res) => {
let data = '';
res.on('data', (chunk) => data += chunk);
res.on('end', () => {
const result = JSON.parse(data);
console.log(`Hosts: ${result.data.host_count}`);
});
});
require 'net/http'
require 'json'
uri = URI("https://ipdb.me/api/v1/cidr/10.0.0.0/8")
req = Net::HTTP::Get.new(uri)
req["X-API-Key"] = "YOUR_API_KEY"
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) { |http| http.request(req) }
data = JSON.parse(res.body)
puts "Hosts: #{data['data']['host_count']}"
Example Response
{
"status": "success",
"data": {
"network": "10.0.0.0/8",
"network_address": "10.0.0.0",
"broadcast_address": "10.255.255.255",
"netmask": "255.0.0.0",
"host_count": "16777214"
}
}
URL Analysis
GET /api/v1/url/{url}
Parses a URL into its components, resolves the hostname to IP addresses, and performs a HEAD request to gather server information.
Parameters
| Parameter | Type | Description |
|---|---|---|
url |
string | A full URL (URL-encoded, e.g., https%3A%2F%2Fexample.com) |
Response Fields
| Field | Type | Description |
|---|---|---|
url |
string | The full URL |
protocol |
string | Protocol scheme (e.g., https) |
host |
string | Hostname |
port |
string | Port number (if non-standard) |
path |
string | URL path |
query |
string | Query string |
fragment |
string | URL fragment |
resolved_ips |
array | IP addresses the hostname resolves to |
head |
object | HEAD request results (status, headers, response time) |
head_error |
string | Error message if HEAD request failed |
Example
curl -s -H "X-API-Key: YOUR_API_KEY" \
https://ipdb.me/api/v1/url/https%3A%2F%2Fexample.com
import "net/url"
encoded := url.PathEscape("https://example.com")
req, err := http.NewRequest("GET", "https://ipdb.me/api/v1/url/"+encoded, nil)
if err != nil {
log.Fatal(err)
}
req.Header.Set("X-API-Key", "YOUR_API_KEY")
resp, err := http.DefaultClient.Do(req)
if err != nil {
log.Fatal(err)
}
defer resp.Body.Close()
var result map[string]interface{}
json.NewDecoder(resp.Body).Decode(&result)
fmt.Println(result)
import requests
from urllib.parse import quote
url = quote("https://example.com", safe="")
r = requests.get(f"https://ipdb.me/api/v1/url/{url}",
headers={"X-API-Key": "YOUR_API_KEY"})
data = r.json()
print(data["data"]["head"]["status"])
const url = encodeURIComponent("https://example.com");
const res = await fetch(`https://ipdb.me/api/v1/url/${url}`, {
headers: { "X-API-Key": "YOUR_API_KEY" }
});
const { data } = await res.json();
console.log(data.head.status);
const https = require('https');
const url = encodeURIComponent('https://example.com');
const options = {
headers: { 'X-API-Key': 'YOUR_API_KEY' }
};
https.get(`https://ipdb.me/api/v1/url/${url}`, options, (res) => {
let data = '';
res.on('data', (chunk) => data += chunk);
res.on('end', () => {
const result = JSON.parse(data);
console.log(result.data.head.status);
});
});
require 'net/http'
require 'json'
require 'cgi'
encoded = CGI.escape("https://example.com")
uri = URI("https://ipdb.me/api/v1/url/#{encoded}")
req = Net::HTTP::Get.new(uri)
req["X-API-Key"] = "YOUR_API_KEY"
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) { |http| http.request(req) }
data = JSON.parse(res.body)
puts data["data"]["head"]["status"]
Example Response
{
"status": "success",
"data": {
"url": "https://example.com",
"protocol": "https",
"host": "example.com",
"port": "443",
"path": "",
"resolved_ips": [
"93.184.215.14"
],
"head": {
"status_code": 200,
"status": "200 OK",
"content_type": "text/html; charset=UTF-8",
"content_length": 1256,
"server": "ECAcc (dcd/7D5A)",
"last_modified": "Thu, 17 Oct 2019 07:18:26 GMT",
"etag": "\"3147526947\"",
"response_time": "145ms"
}
}
}
MAC Address Lookup
GET /api/v1/mac/{mac}
Returns the manufacturer (vendor) name for a MAC address by looking up the OUI (Organizationally Unique Identifier) prefix in the IEEE database, along with formatted representations of the address.
Parameters
| Parameter | Type | Description |
|---|---|---|
mac |
string | A MAC address in any common format (e.g., 00:1A:2B:3C:4D:5E, 00-1A-2B-3C-4D-5E, 001a.2b3c.4d5e, or 001A2B3C4D5E). A 6-character OUI prefix is also accepted. |
Response Fields
| Field | Type | Description |
|---|---|---|
mac |
string | The MAC address in Linux upper format (XX:XX:XX:XX:XX:XX) |
vendor |
string | Manufacturer name from the IEEE OUI database |
prefix |
string | The 6-character OUI prefix (hex, uppercase) |
formats |
object | The MAC address in various standard formats |
Formats Object
| Field | Type | Description |
|---|---|---|
ieee802 |
string | IEEE 802 format (XX-XX-XX-XX-XX-XX) |
linux_upper |
string | Linux uppercase (XX:XX:XX:XX:XX:XX) |
linux |
string | Linux lowercase (xx:xx:xx:xx:xx:xx) |
cisco |
string | Cisco format (xxxx.xxxx.xxxx) |
raw |
string | Raw hex (XXXXXXXXXXXX) |
Example
curl -s -H "X-API-Key: YOUR_API_KEY" \
https://ipdb.me/api/v1/mac/00:1A:2B:3C:4D:5E
req, err := http.NewRequest("GET", "https://ipdb.me/api/v1/mac/001A2B3C4D5E", nil)
if err != nil {
log.Fatal(err)
}
req.Header.Set("X-API-Key", "YOUR_API_KEY")
resp, err := http.DefaultClient.Do(req)
if err != nil {
log.Fatal(err)
}
defer resp.Body.Close()
var result map[string]interface{}
json.NewDecoder(resp.Body).Decode(&result)
fmt.Println(result)
import requests
r = requests.get("https://ipdb.me/api/v1/mac/001A2B3C4D5E",
headers={"X-API-Key": "YOUR_API_KEY"})
data = r.json()
print(f"{data['data']['vendor']} ({data['data']['prefix']})")
const res = await fetch("https://ipdb.me/api/v1/mac/001A2B3C4D5E", {
headers: { "X-API-Key": "YOUR_API_KEY" }
});
const { data } = await res.json();
console.log(`${data.vendor} (${data.prefix})`);
const https = require('https');
const options = {
headers: { 'X-API-Key': 'YOUR_API_KEY' }
};
https.get('https://ipdb.me/api/v1/mac/001A2B3C4D5E', options, (res) => {
let data = '';
res.on('data', (chunk) => data += chunk);
res.on('end', () => {
const result = JSON.parse(data);
console.log(`${result.data.vendor} (${result.data.prefix})`);
});
});
require 'net/http'
require 'json'
uri = URI("https://ipdb.me/api/v1/mac/001A2B3C4D5E")
req = Net::HTTP::Get.new(uri)
req["X-API-Key"] = "YOUR_API_KEY"
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) { |http| http.request(req) }
data = JSON.parse(res.body)
puts "#{data['data']['vendor']} (#{data['data']['prefix']})"
Example Response
{
"status": "success",
"data": {
"mac": "00:1A:2B:3C:4D:5E",
"vendor": "Ayecom Technology Co., Ltd.",
"prefix": "001A2B",
"formats": {
"ieee802": "00-1A-2B-3C-4D-5E",
"linux_upper": "00:1A:2B:3C:4D:5E",
"linux": "00:1a:2b:3c:4d:5e",
"cisco": "001a.2b3c.4d5e",
"raw": "001A2B3C4D5E"
}
}
}
Email Lookup
GET /api/v1/email/{email}
Performs a full analysis of an email address: validates the format, parses it into components, checks DNS records for the domain's mail infrastructure, detects the email provider, and computes a security grade.
Parameters
| Parameter | Type | Description |
|---|---|---|
email |
string | An email address (e.g., [email protected]) |
Response Fields
| Field | Type | Description |
|---|---|---|
email |
string | The queried email address |
local_part |
string | The part before @ |
domain |
string | The domain part after @ |
tag |
string | The sub-address tag if + addressing is used (e.g., tag from [email protected]) |
canonical |
string | Canonical form with tag removed and provider-specific normalization applied |
rfc_valid |
boolean | Whether the address conforms to RFC 5321 |
provider |
string | Detected email provider based on MX records (e.g., "Google", "Microsoft 365") |
is_disposable |
boolean | Whether the domain is a known disposable/temporary email service |
is_free_provider |
boolean | Whether the domain is a free email provider (e.g., Gmail, Yahoo) |
has_mx |
boolean | Whether the domain has MX records (can receive email) |
mx |
array | MX records with host and priority fields |
spf |
string | Raw SPF TXT record |
dmarc |
string | Raw DMARC TXT record |
mta_sts |
string | Raw MTA-STS TXT record |
bimi |
string | Raw BIMI TXT record |
tlsrpt |
string | Raw TLS-RPT TXT record |
security_grade |
string | Overall security grade from A (best) to F (worst) |
security_notes |
array | Human-readable explanations of the grade |
gravatar_url |
string | Gravatar image URL (if the email has an associated avatar) |
has_gravatar |
boolean | Whether a Gravatar was found for this email |
Example
curl -s -H "X-API-Key: YOUR_API_KEY" \
https://ipdb.me/api/v1/email/[email protected]
req, err := http.NewRequest("GET", "https://ipdb.me/api/v1/email/[email protected]", nil)
if err != nil {
log.Fatal(err)
}
req.Header.Set("X-API-Key", "YOUR_API_KEY")
resp, err := http.DefaultClient.Do(req)
if err != nil {
log.Fatal(err)
}
defer resp.Body.Close()
var result map[string]interface{}
json.NewDecoder(resp.Body).Decode(&result)
fmt.Println(result)
import requests
r = requests.get("https://ipdb.me/api/v1/email/[email protected]",
headers={"X-API-Key": "YOUR_API_KEY"})
data = r.json()
print(f"Provider: {data['data']['provider']}, Grade: {data['data']['security_grade']}")
const res = await fetch("https://ipdb.me/api/v1/email/[email protected]", {
headers: { "X-API-Key": "YOUR_API_KEY" }
});
const { data } = await res.json();
console.log(`Provider: ${data.provider}, Grade: ${data.security_grade}`);
const https = require('https');
const options = {
headers: { 'X-API-Key': 'YOUR_API_KEY' }
};
https.get('https://ipdb.me/api/v1/email/[email protected]', options, (res) => {
let data = '';
res.on('data', (chunk) => data += chunk);
res.on('end', () => {
const result = JSON.parse(data);
console.log(`Provider: ${result.data.provider}, Grade: ${result.data.security_grade}`);
});
});
require 'net/http'
require 'json'
uri = URI("https://ipdb.me/api/v1/email/[email protected]")
req = Net::HTTP::Get.new(uri)
req["X-API-Key"] = "YOUR_API_KEY"
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) { |http| http.request(req) }
data = JSON.parse(res.body)
puts "Provider: #{data['data']['provider']}, Grade: #{data['data']['security_grade']}"
Example Response
{
"status": "success",
"data": {
"email": "[email protected]",
"local_part": "user",
"domain": "gmail.com",
"canonical": "[email protected]",
"rfc_valid": true,
"provider": "Google",
"is_disposable": false,
"is_free_provider": true,
"has_mx": true,
"mx": [
{ "host": "gmail-smtp-in.l.google.com", "priority": 5 },
{ "host": "alt1.gmail-smtp-in.l.google.com", "priority": 10 },
{ "host": "alt2.gmail-smtp-in.l.google.com", "priority": 20 }
],
"spf": "v=spf1 redirect=_spf.google.com",
"dmarc": "v=DMARC1; p=none; sp=quarantine; rua=mailto:[email protected]",
"mta_sts": "v=STSv1; id=20190429T010101;",
"tlsrpt": "v=TLSRPTv1;rua=mailto:[email protected]",
"security_grade": "B",
"security_notes": [
"SPF record present",
"DMARC policy: quarantine",
"MTA-STS enabled",
"TLS-RPT reporting enabled"
],
"has_gravatar": false
}
}
Privacy & Data Protection
ipdb.me is committed to protecting your privacy. This page describes what data we collect, how we handle it, and your rights as a user.
Operator and Jurisdiction
ipdb.me is legally operated from Switzerland and is subject to the Swiss Federal Act on Data Protection (FADP/DSG). The service infrastructure is hosted by Hetzner Online GmbH in Germany, which is subject to the EU General Data Protection Regulation (GDPR). Both frameworks provide strong data protection standards.
Analytics
ipdb.me uses Gonalytics, a self-hosted, privacy-focused analytics tool. Gonalytics does not use cookies, does not collect personal data, and does not track individual users across sessions. It provides only aggregate statistics such as page view counts and referral sources. No data is shared with third parties.
Cookies
ipdb.me does not use tracking cookies, advertising cookies, or third-party cookies. If you log in to your account, a single session cookie (ipdb_session) is set. This cookie contains only a random token that identifies your session — no personal data is stored in the cookie itself. The session data is kept server-side in the database and is automatically deleted when you log out or when it expires. If you do not log in, no cookies are set at all.
Data We Collect
Search queries: When you perform a lookup (e.g., searching for an IP address), the query is processed in real time to return results. Queries are not stored with any identifying information such as your IP address or browser fingerprint.
API keys: If you register for API access, we store your API key and associated account information (email address) for authentication purposes. This data is stored in an encrypted database and is never shared with third parties.
Server logs: Standard web server access logs may temporarily contain IP addresses and request paths for operational and security purposes. These logs are rotated and deleted automatically.
Your Rights
Under the Swiss FADP and the EU GDPR, you have the right to:
- Access any personal data we hold about you
- Rectification of inaccurate data
- Deletion of your personal data
- Data portability — receive your data in a structured format
- Object to processing of your data
To exercise any of these rights, please contact us at the email address listed on the site.
Changes to This Policy
We may update this privacy policy from time to time. Any changes will be reflected on this page with the updated date. We encourage you to review this page periodically.
Last updated: February 2026