> ## Documentation Index
> Fetch the complete documentation index at: https://docs.encrata.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Changelog

> What's new and improved in Encrata.

## June 25, 2026

<Info>v2.2.0 — IP Intelligence overhaul</Info>

* **New** — Passive DNS history: IP lookups now return `passive_dns` — the domains that have resolved to an IP with per-domain `first_seen`/`last_seen`, accumulated over time.
* **New** — Reputation over time: `reputation_history` returns a growing timeline of abuse score, malicious counts, and threat level on each lookup, plus an overall `trend` (improving/worsening/stable).
* **New** — Allocation & routing history: `routing_history` shows which ASNs have originated the IP over time, with `origin_changes` and a `possible_hijack` flag.
* **New** — TLS & certificate fingerprints: `tls` adds a live JARM hash, certificate SHA-256, subject/issuer/SANs, and self-signed / expired detection for pivoting to related infrastructure.
* **New** — C2 & honeypot detection: `c2` flags known command-and-control / botnet controllers, and `honeypot` flags likely decoy systems.
* **New** — Named VPN/proxy provider: `security.provider_name` and `security.provider_type` identify the actual operator (e.g. NordVPN, Mullvad, Bright Data) instead of a generic flag.
* **Improved** — Open ports now include friendly `services` labels (port → service name + banner).

***

## June 20, 2026

<Info>v2.1.1 — Domain Intelligence enrichments</Info>

* **New** — Subdomain ownership era: subdomain rows now include `first_seen` and an `owner_era` flag (`current` / `previous`) so Certificate Transparency entries that predate the current registration are surfaced as likely prior-owner assets.
* **New** — Extended email-auth posture: the email sheet now reports `CAA`, `BIMI`, and `TLS-RPT` records alongside SPF, DKIM, DMARC, and MTA-STS, with a finding raised when no CAA record is published.
* **New** — Agent-readiness discovery: passive `.well-known` probing now detects `llms.txt`, `ai-plugin.json`, A2A `agent-card.json`, MCP `server-card.json`, and `openapi.json`, surfaced as machine-readable product/API surfaces.
* **Improved** — Technology attribution: domain-verification TXT records now resolve to the actual vendor (e.g. Postman, Google Search Console, Amazon SES, Stripe) instead of a generic label, and hostnames are normalized to plain values.

***

## June 18, 2026

<Info>v2.1.0 — Domain Intelligence & Company Enrichment</Info>

* **New** — Domain Intelligence: Domain search now returns an `intel` recon report — subdomain enumeration, live host probing, tech-stack & CDN detection, TLS details, and aggregate DNS. Powered by Encrata's self-hosted, keyless [ProjectDiscovery](https://projectdiscovery.io) engine (`subfinder`, `dnsx`, `httpx`).
* **New** — Company enrichment on domain search: A `company` object adds the organisation behind the domain — industry, headquarters, social profiles, and registry data (LEI, company number, jurisdiction, officers).
* **Note** — Domain Intelligence runs in passive mode for API requests; no port scanning or intrusive probes are sent to the target.

***

## June 1, 2026

<Info>v2.0.0 — Workflows, Bulk Operations & Settings Overhaul</Info>

* **New** — Workflows: Build automated multi-step OSINT pipelines with triggers, conditions, enrichment steps, delays, and webhook delivery.
* **New** — Workflow triggers: `manual`, `webhook`, `schedule`, `file_upload`, and `monitor_event`.
* **New** — Workflow step types: `email_lookup`, `phone_lookup`, `company_lookup`, `domain_lookup`, `ip_lookup`, `darkweb_lookup`, `condition`, `delay`, `webhook`, `transform`.
* **New** — Workflow templates: Pre-built automations you can clone and customize.
* **New** — Workflow secrets: Encrypted key-value store for webhook step credentials.
* **New** — Workflow versioning: Immutable version history created on every update.
* **New** — Workflow audit log: Full trail of who created, updated, and ran each workflow.
* **New** — Public webhook ingest: Trigger workflows via a unique token URL without authentication.
* **New** — Bulk Google search: `POST /api/bulk-google-search` — up to 100 queries per request.
* **New** — Bulk company search: `POST /api/bulk-company-search` — up to 100 companies per request.
* **New** — Bulk domain search: `POST /api/bulk-domain-search` — up to 100 domains per request.
* **New** — Bulk IP search: `POST /api/bulk-ip-search` — up to 100 IPs per request.
* **New** — Async bulk jobs: Upload CSV files for background processing (up to 10,000 rows) with progress tracking and download.
* **New** — AI chat: Conversational interface for lookups and workflow building.
* **New** — Settings integrated into app sidebar: All settings pages accessible from the main navigation without leaving the app.
* **Improved** — UI consistency: Standardized to 16px (text-base) across all sidebars, dropdowns, and menus.
* **Improved** — Removed breadcrumb clutter from settings pages.

***

## May 26, 2026

<Info>v1.9.0 — Enriched Views & Social Detection</Info>

* **New** — Enriched output mode: All sandbox lookups now support a visual "Enriched" view alongside raw JSON.
* **New** — Social media detection in Google search: Automatically surfaces profile links (LinkedIn, X, Instagram, Facebook, YouTube, GitHub, etc.) from results.
* **New** — Person enrichment: Additional intelligence sources integrated into email lookups.

***

## May 22, 2026

<Info>v1.8.0 — Auto Top-Up & Agent API Expansion</Info>

* **New** — Auto top-up: Automatically recharge credits when balance drops below your configured threshold.
* **New** — Domain lookup enhanced: DNS records, SSL certificates, host intelligence, and threat scoring now included.
* **New** — Dark web search expanded: Full breach details, chat messages, and leak metadata in responses.

***

## May 17, 2026

<Info>v1.7.0 — CLI, Docs & Developer Experience</Info>

* **New** — CLI: Look up emails, domains, phones, and more directly from your terminal.
* **New** — Developer docs: Errors, rate limits, pagination, credits, SDKs, and code examples.
* **New** — API key auth: All endpoints now use `X-API-Key` header (JWT removed).
* **New** — Careers page: Public job board with application support.

***

## May 15, 2026

<Info>v1.6.0 — Multi-Type Monitors & Contact Lists</Info>

* **New** — Multi-type monitors: Create monitors for phone numbers, domains, IPs, companies, and dark web queries — not just emails.
* **New** — Monitor types: `email`, `phone`, `domain`, `ip`, `company`, `darkweb` — each with type-specific enrichment and change tracking.
* **New** — Cross-monitor views: Aggregate Runs, Results, Targets, and Lists pages per lookup type in the dashboard sidebar.
* **New** — `GET /api/monitoring/runs?type=X` — list all runs filtered by monitor type.
* **New** — `GET /api/monitoring/results?type=X` — list all results filtered by monitor type, with `changes_only` filtering.
* **New** — `GET /api/monitoring/targets?type=X` — list all tracked targets across monitors of a specific type.
* **New** — Contact lists with types: Create reusable target lists scoped to a type (`POST /api/lists` with `type` field).
* **New** — `GET /api/lists?type=X` — filter contact lists by type.
* **New** — Frequency options expanded: `weekly` and `biweekly` schedules now available in addition to monthly/quarterly.
* **New** — Monitor targets API: `GET/POST/DELETE /api/monitors/{id}/targets` for managing non-email targets.
* **Improved** — Create monitor now accepts `monitor_type` and `targets` fields for non-email monitors.
* **Improved** — Dashboard sidebar shows full monitoring section (Monitors, Runs, Results, Targets, Lists) for each lookup type.

***

## May 4, 2026

<Info>v1.5.0 — Monitors</Info>

* **New** — Monitors: Schedule recurring enrichment runs on a list of emails — track when contacts change jobs, companies, locations, and more.
* **New** — Monitor run history: View every past run with stats — total records, changes detected, credits used, and duration.
* **New** — Change detection: Compare snapshots across runs with field-level diffs — see exactly what changed for each email.
* **New** — Interactive email management: Add emails via comma-separated input or CSV upload, remove individually with one click.
* **New** — Edit monitor: Update name, frequency, change detection mode, and tracked fields from a settings dialog.
* **New** — Tracked fields: Choose which fields to monitor for changes (name, company, role, city, etc.) or track all by default.
* **New** — API-triggered runs: Trigger monitor runs programmatically via `POST /api/agent/monitors/{id}/run` with API key auth.
* **New** — Webhook event `monitor.run.completed`: Receive a callback when a monitor run finishes with changes detected.
* **New** — Bulk operations: Select multiple monitors to pause, resume, or delete in batch.
* **New** — CSV download: Export run results as CSV directly from the run detail page.
* **Improved** — Run results toggle between "changes only" and "all records" views.
* **Improved** — Delete confirmation dialogs on both list and detail pages.

***

## May 2, 2026

<Info>v1.4.0</Info>

* **New** — Webhooks: Receive real-time HTTP callbacks when events occur in your workspace — lookup completions, API key changes, and credit alerts.
* **New** — MCP Server: Connect Encrata to any AI agent (Claude, Cursor, VS Code Copilot, Windsurf) via the Model Context Protocol at `/mcp`.
* **New** — Webhook management API: Full CRUD endpoints to create, list, update, delete, and test webhooks programmatically.
* **New** — Webhook delivery logs: Track every delivery attempt with status, response codes, and payload history.
* **New** — HMAC-SHA256 signature verification: Every webhook delivery is signed so you can verify authenticity.
* **New** — OTP verification for destructive actions: Delete account and leave workspace now require email OTP confirmation.
* **Improved** — Updated to Inter font across the entire UI for better readability.
* **Improved** — Lightened dialog backdrop overlay for less intrusive modals.
* **Fixed** — Dialog footer no longer shows a dark background strip.

***

## May 19, 2025

<Info>v1.3.0</Info>

* **New** — Agent Lookup API: Token-optimized endpoint for AI agents with compact field keys and selective field retrieval.
* **New** — Bulk Lookup with SSE streaming: Look up up to 1,000 emails in a single request with real-time results.
* **New** — Breach detection: Lookups now return breach history — compromised services, exposed data types, and breach dates.
* **New** — Email validation: Every lookup includes deliverability status — valid, invalid, or disposable.
* **New** — Export to CSV & JSON: Download lookup results directly from the dashboard or via the API.

***

## April 28, 2025

<Info>v1.2.0</Info>

* **New** — Dashboard & analytics: Lookup volume charts, validity breakdowns, and endpoint usage stats.
* **New** — Logs & activity feed: Detailed log of every API call, filterable by endpoint, validity, and date range.
* **New** — Team & workspace management: Invite members, manage roles, and collaborate in a shared workspace.
* **New** — API key management: Create, revoke, and manage multiple API keys with per-key usage tracking.
* **Improved** — Lookup response expanded to 30+ structured fields across identity, professional, education, and social categories.

***

## April 7, 2025

<Info>v1.1.0</Info>

* **Improved** — Response time reduced by 40% for single email lookups.
* **Improved** — More consistent field formatting across all response objects.
* **Fixed** — Occasional timeout on lookups with uncommon email providers.

***

## March 18, 2025

<Info>v1.0.0</Info>

* **Launch** — Encrata is live. Core Email Lookup API: pass any email, get structured intelligence about the person behind it.
