Home
Get Started
Core Concepts
API Usage Guides
Developer Tools
Integrations
API Reference
Support & Feedback
Usage Guides

Whisper API Overview

The Whisper API provides comprehensive intelligence and monitoring capabilities for domains, IPs, and web infrastructure. Access powerful APIs for threat intelligence, domain monitoring, network security analysis, WHOIS data, DNS records, geolocation, BGP routing, and more - all through a single, unified interface.

Key Features

  • Unified Intelligence: Single API for IPs, domains, DNS, WHOIS, and network data
  • Performance-First: Strategic caching with <500ms typical response times
  • Asynchronous Operations: Long-running jobs for bulk enrichment, scanning, and monitoring
  • Real-Time Data: Live BGP routing, DNS resolution, and geolocation updates
  • Historical Analysis: Track changes and trends over time
  • Security-Focused: Risk scoring, threat intelligence, and RPKI validation

API Categories

  • Indicators: IP/domain enrichment, threat intelligence
  • Location: Geolocation and ASN lookups
  • Operations: Screenshots, scanning, monitoring, job management

API Endpoints by Category

Indicators API

The Indicators API provides comprehensive threat intelligence and enrichment for IP addresses and domains. Designed for rapid investigation, incident response, and proactive threat hunting.

Base Path: /v1/indicators


  • GET /v1/indicators/{type}/{value}: Enrich single indicator
  • GET /v1/indicators/{type}/{value}/history: Get historical data
  • GET /v1/indicators/{type}/{value}/graph: Get relationship graph
  • GET /v1/indicators/domain/{domain}/subdomains: Get subdomains
  • POST /v1/indicators/domain/{domain}/similar: Generate similar domains
  • POST /v1/indicators/bulk: Bulk enrichment
  • POST /v1/indicators/search: Search indicators

Location API

The Location API provides fast geolocation lookups for IP addresses with city-level precision. Optimized for high-volume queries with <150ms response times.

Base Path: /v1/location

  • GET /v1/location/ip/{ip}: Get IP geolocation
  • GET /v1/location/network/{network}: Get network geolocation
  • POST /v1/location/ips/bulk: Bulk IP geolocation
  • GET /v1/location/search: Search by location
  • GET /v1/location/stats: Get database statistics

Operations API

The Operations API manages asynchronous jobs, website screenshots, infrastructure scanning, and monitoring operations.

Base Path: /v1/ops

  • GET /v1/ops/jobs/{jobId}: Get job status
  • GET /v1/ops/jobs: List jobs
  • POST /v1/ops/screenshot: Capture screenshot
  • GET /v1/ops/screenshot/history: Get screenshot history
  • POST /v1/ops/screenshot/schedule: Schedule screenshots
  • POST /v1/ops/scan: Infrastructure scan
  • POST /v1/ops/map: Map infrastructure
  • GET /v1/ops/changes/{target}: Get change history
  • GET /v1/ops/monitor/{target}: Get monitoring status
  • POST /v1/ops/monitor/{target}/alert: Configure alerts