API Documentation
Programmatic access to website analysis
Anonymous users can use the API with 100 requests per day (IP-based rate limiting).
Create Account to get 2x rate limit and track usage.
API access works both with and without authentication. Authenticated users get 2x rate limits.
Anonymous Access (100 requests/day)
# No authentication needed
curl "https://locapeak.com/api/analyze?url=example.com"Authenticated Access (200 requests/day)
Provide your API token using either method:
Option 1: Authorization Header (Recommended)
Authorization: Bearer YOUR_API_TOKENOption 2: X-API-Token Header
X-API-Token: YOUR_API_TOKENGet your token: Sign up at /signup and view your token on the Account page.
Website Analysis
GET /api/analyze?url={website_url}Multi-Region Ping
POST /api/ping
Content-Type: application/json
{
"target": "example.com",
"count": 4
}Ping Sweep (IP Discovery)
POST /api/pingsweep
Content-Type: application/json
{
"input": "8.8.8.8\n192.168.1.0/24\n2001:4860:4860::8888"
}Supports multiple IPs and CIDRs (IPv4 & IPv6, max 512 IPs). Enter one per line or use newline separators.
Ping Monitor (Capture Who Pings This Server)
POST /api/ping-monitor/start
GET /api/ping-monitor/{session_id}Starts a 30-second ICMP capture window on the server and returns source IPs that ping the server during that window.
Example:
curl -X POST "https://locapeak.com/api/ping-monitor/start"
curl "https://locapeak.com/api/ping-monitor/SESSION_ID"IP Address Lookup
GET /api/ip-lookup?ip={ip_address}Get geolocation, ASN, and privacy information for any IPv4 or IPv6 address.
Example:
curl "https://locapeak.com/api/ip-lookup?ip=8.8.8.8"Returns JSON with country, city, region, coordinates, and ASN information. Bogon IPs (private networks) are flagged.
BYOT IP Lookup (Bring Your Own Token)
POST /api/byot-ip-lookup
Content-Type: application/json
{
"token": "YOUR_ACCESS_TOKEN",
"mode": "default",
"input": "8.8.4.4\n8.8.4.4\n1.1.1.1"
}Deduplicates IPs before calling the selected batch endpoint, then joins flattened response rows back to the original input order (including duplicates).
Mode options: default → https://api.ipinfo.io/batch, legacy → https://api.ipinfo.io/batch/legacy, lite → https://api.ipinfo.io/batch/lite.
OpenGraph Preview
POST /api/opengraph-preview
Content-Type: application/json
{
"url": "https://example.com"
}Fetches page metadata for social previews and returns SEO title, SEO description, OpenGraph image URL, image availability status, and preview payloads for Facebook, LinkedIn, X, Google, Slack, and WhatsApp.
Example:
curl -X POST "https://locapeak.com/api/opengraph-preview" \
-H "Content-Type: application/json" \
-d '{"url": "https://example.com"}'ASN Lookup
GET /api/network/asn/{asn}Lookup autonomous system by ASN number (with or without AS prefix).
Example:
curl "https://locapeak.com/api/network/asn/AS15169"
curl "https://locapeak.com/api/network/asn/15169"Returns ASN, AS name, AS domain, IPv4 prefixes, and IPv6 prefixes.
Domain Network Lookup
GET /api/network/domain/{domain}Lookup network information by AS domain name.
Example:
curl "https://locapeak.com/api/network/domain/google.com"Returns list of ASNs, prefixes (IPv4 & IPv6), and countries associated with the domain.
Country Network Lookup
GET /api/network/countries/{country_codes}Lookup all network prefixes for one or more countries (comma-separated).
Example:
curl "https://locapeak.com/api/network/countries/US"
curl "https://locapeak.com/api/network/countries/US,CA,MX"Returns all IPv4 and IPv6 prefixes allocated to the specified countries.
WHOIS Lookup
POST /api/whois
Content-Type: application/json
{
"input": "example.com"
}Lookup WHOIS and RDAP data for a domain or IP address.
Example:
curl -X POST "https://locapeak.com/api/whois" \
-H "Content-Type: application/json" \
-d '{"input": "8.8.8.8"}'Bulk Website Check
POST /api/website-check
Content-Type: application/json
{
"input": "example.com\nhttps://google.com\nwikipedia.org"
}Checks domains/URLs concurrently with async requests and a 10-second timeout per target. A domain is marked functioning only if valid website content is returned.
Example:
curl -X POST "https://locapeak.com/api/website-check" \
-H "Content-Type: application/json" \
-d '{"input": "example.com\ngithub.com"}'Subdomain Discover
POST /api/subdomain-discover
Content-Type: application/json
{
"domain": "example.com",
"wordlist": "www\napi\nmail"
}Discovers subdomains from a candidate label list and returns resolved IPv4/IPv6 addresses for each discovered subdomain.
Example:
curl -X POST "https://locapeak.com/api/subdomain-discover" \
-H "Content-Type: application/json" \
-d '{"domain": "example.com"}'Health Checks
GET /health # Main application health
GET /api/ip-lookup/health # IP lookup service health
GET /api/network/health # Network data service healthHealth endpoints return service status and database counts.
Admin - Manual Database Update
POST /api/admin/update-databases
Authorization: Bearer YOUR_API_TOKENManually trigger database updates (requires authentication).
Multi-Region Traceroute
POST /api/traceroute
Content-Type: application/json
{
"target": "example.com"
}IP Address Extractor
The IP Extractor tool runs entirely in your browser (client-side JavaScript). No API endpoint available – all processing is done locally for privacy and speed.
| Parameter | Type | Required | Description |
|---|---|---|---|
url |
string | Yes | The website URL to analyze (e.g., example.com or https://example.com) |
Rate limits are based on your account's API multiplier:
- Default (signed up users): 2x multiplier = 200 requests/day per endpoint
- Premium users: Custom multipliers available (contact support)
- Base limits: 100 requests/day per endpoint (before multiplier)
Rate limit information is included in the response:
{
"rate_limit": {
"limit": 200,
"remaining": 199,
"window": "24 hours"
}
}cURL - Website Analysis
curl -H "Authorization: Bearer YOUR_API_TOKEN" \
"https://locapeak.com/api/analyze?url=example.com"cURL - Ping
curl -X POST \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "Content-Type: application/json" \
-d '{"target": "example.com", "count": 4}' \
"https://locapeak.com/api/ping"Python - Website Analysis
import requests
headers = {
"Authorization": "Bearer YOUR_API_TOKEN"
}
response = requests.get(
"https://locapeak.com/api/analyze",
params={"url": "example.com"},
headers=headers
)
data = response.json()
print(data)Python - Traceroute
import requests
headers = {
"Authorization": "Bearer YOUR_API_TOKEN",
"Content-Type": "application/json"
}
response = requests.post(
"https://locapeak.com/api/traceroute",
json={"target": "example.com"},
headers=headers
)
data = response.json()
print(data)JavaScript
const headers = {
"Authorization": "Bearer YOUR_API_TOKEN"
};
fetch('https://locapeak.com/api/analyze?url=example.com', { headers })
.then(response => response.json())
.then(data => console.log(data));{
"url": "https://example.com",
"domain": "example.com",
"dns": {
"domain": "example.com",
"a_record": "93.184.216.34",
"ns_records": ["..."],
"mx_records": ["..."],
"txt_records": ["..."]
},
"ssl": {
"issuer": {...},
"subject": {...},
"valid_from": "...",
"valid_to": "...",
"version": 3
},
"page": {
"title": "Example Domain",
"description": "Example description",
"generator": null,
"server": "nginx"
},
"social_links": {
"Twitter": ["https://twitter.com/example"],
"Facebook": ["https://facebook.com/example"]
},
"external_links": {
"count": 10,
"domains": ["..."]
},
"technologies": {
"js_frameworks": ["React.js"],
"css_frameworks": ["Bootstrap"],
"analytics": ["Google Analytics"],
"antibot": [],
"marketing": [],
"payment": []
},
"providers": {
"registrar": "GoDaddy",
"mail_provider": "Google Workspace"
},
"screenshot_url": "/screenshot/...",
"rate_limit": {
"limit": 5,
"remaining": 4,
"window": "24 hours"
}
}Rate Limit Exceeded (429)
{
"error": "Rate limit exceeded",
"requests_made": 5,
"limit": 5,
"window": "24 hours"
}Server Error (500)
{
"error": "Error analyzing website: ..."
}