Skip to main content
POST
/
api
/
ip
IP Lookup
curl --request POST \
  --url https://encrata.com/api/ip \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "ip": "<string>"
}
'
{
  "ip_address": "<string>",
  "security": {
    "is_vpn": true,
    "is_proxy": true,
    "is_tor": true,
    "is_hosting": true,
    "is_relay": true,
    "is_mobile": true,
    "is_abuse": true
  },
  "asn": {
    "asn": 123,
    "name": "<string>",
    "domain": "<string>",
    "type": "<string>"
  },
  "company": {
    "name": "<string>",
    "domain": "<string>",
    "type": "<string>"
  },
  "location": {
    "city": "<string>",
    "region": "<string>",
    "country": "<string>",
    "country_code": "<string>",
    "postal_code": "<string>",
    "continent": "<string>",
    "longitude": 123,
    "latitude": 123
  },
  "timezone": {
    "name": "<string>",
    "abbreviation": "<string>",
    "utc_offset": 123
  },
  "threat": {
    "abuse_score": 123,
    "total_reports": 123,
    "last_reported_at": "<string>",
    "usage_type": "<string>",
    "is_tor": true,
    "is_whitelisted": true,
    "distinct_users": 123,
    "is_scanner": true,
    "is_known_service": true,
    "classification": "<string>",
    "scanner_name": "<string>",
    "last_seen": "<string>"
  },
  "malware": {
    "malicious_count": 123,
    "suspicious_count": 123,
    "harmless_count": 123,
    "undetected_count": 123,
    "reputation": 123,
    "network": "<string>"
  }
}

Documentation Index

Fetch the complete documentation index at: https://docs.encrata.com/llms.txt

Use this file to discover all available pages before exploring further.

Authentication

Requires an API key in the Authorization header. 
Authorization: Bearer YOUR_API_KEY

Request

ip
string
required
The IP address to look up (IPv4 or IPv6).

Example request

curl -X POST "https://encrata.com/api/agent/ip" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"ip": "8.8.8.8"}'

Response

ip_address
string
The IP address that was looked up.
security
object
Security/threat detection flags.
asn
object
Autonomous System Number details.
company
object
Company or organization that owns the IP range.
location
object
Geolocation data.
timezone
object
Timezone information.
threat
object
Threat intelligence data.
malware
object
Malware analysis results.

Example response

200 OK
{
  "ip_address": "8.8.8.8",
  "security": {
    "is_vpn": false,
    "is_proxy": false,
    "is_tor": false,
    "is_hosting": true,
    "is_relay": false,
    "is_mobile": false,
    "is_abuse": false
  },
  "asn": {
    "asn": 15169,
    "name": "GOOGLE",
    "domain": "google.com",
    "type": "hosting"
  },
  "company": {
    "name": "Google LLC",
    "domain": "google.com",
    "type": "hosting"
  },
  "location": {
    "city": "Mountain View",
    "region": "California",
    "country": "United States",
    "country_code": "US",
    "postal_code": "94043",
    "continent": "North America",
    "longitude": -122.0775,
    "latitude": 37.4056
  },
  "timezone": {
    "name": "America/Los_Angeles",
    "abbreviation": "PDT",
    "utc_offset": -7
  },
  "threat": {
    "abuse_score": 0,
    "total_reports": 87,
    "last_reported_at": "2026-05-10T14:22:00+00:00",
    "usage_type": "Data Center/Web Hosting/Transit",
    "is_tor": false,
    "is_whitelisted": true,
    "distinct_users": 42,
    "is_scanner": false,
    "is_known_service": true,
    "classification": "benign",
    "scanner_name": "Google DNS",
    "last_seen": "2026-05-11"
  },
  "malware": {
    "malicious_count": 0,
    "suspicious_count": 0,
    "harmless_count": 74,
    "undetected_count": 12,
    "reputation": 30,
    "network": "8.8.8.0/24"
  }
}

Notes

  • This endpoint is free — no credits are deducted.
  • Supports both IPv4 and IPv6 addresses.
  • Results are cached — repeat lookups within the cache window are instant.
  • If a provider is unavailable, the response still includes data from the remaining providers.
  • Rate limited to 60 requests per minute.