DeGhost is an internal tool
developed by hexbyte
Now open for public beta testing. Validate emails, domains, and IP addresses in real-time to prevent fraudulent users from accessing your platform.
Validate email addresses • Press Enter to analyze • Results appear below
87%
Fraud Blocked
<100ms
Response Time
99.9%
Uptime
24/7
Monitoring
Three-Layer Fraud Protection
Comprehensive validation through three critical endpoints, each designed to catch different types of malicious actors.
Email Validation
Verify MX records, detect disposable domains, and block spam-associated emails instantly.
GET /email/:emailDomain Validation
Filter disposable and temporary domains that pollute your user database.
GET /domain/:domainIP Intelligence
Identify proxies, VPNs, Tor exit nodes, and known attackers before they register.
GET /ip/:ipHow It Works
Integrate DeGhost into your registration flow in minutes. No complex setup required.
Make an API Request
Send a simple GET request with the email, domain, or IP you want to validate.
GET https://fraudcheckapi.hexbyte.dev/email/user@example.comGet Instant Results
Receive a detailed JSON response with validation status and threat indicators.
{ "status": "allowed", "disposable": false, "spam": false }Block or Allow
Use the response to allow legitimate users or block suspicious registrations.
Why DeGhost?
Real-Time Protection
Sub-100ms response times for seamless user experience.
Simple REST API
No SDKs required. Just simple GET requests.
Three-Layer Security
Email, domain, and IP verification in one platform.
Always Updated
Continuously updated threat database.
Complete API Reference
Everything you need to integrate DeGhost into your application. Three simple endpoints, comprehensive protection.
Authentication
Currently, all endpoints are public for integration testing. Rate limits apply per IP. Contact us for production API keys.
Base URL
https://fraudcheckapi.hexbyte.devAll API requests use this base URL. Append the endpoint paths shown below.
1. Email Validation
Validates an email address by checking syntax, domain existence, and MX records. Also checks internal blacklists for disposable providers.
Example Request
curl -X GET "https://fraudcheckapi.hexbyte.dev/email/user@example.com"Response
{
"status": "allowed",
"has_mx": true,
"disposable": false,
"spam": false,
"public_domain": false,
"relay_domain": false,
"whitelisted": false,
"blacklisted": false,
"domain_age_in_days": 365
}| Field | Type | Description |
|---|---|---|
status | string | Overall validation status: 'allowed', 'not_allowed', or 'not_applicable' |
has_mx | boolean | Whether the domain has valid MX records |
disposable | boolean | True if from a disposable email provider |
spam | boolean | True if domain is known for spam |
public_domain | boolean | True if public email provider (Gmail, etc.) |
relay_domain | boolean | True if used as email relay |
whitelisted | boolean | True if domain is whitelisted |
blacklisted | boolean | True if domain is blacklisted |
domain_age_in_days | number | Domain age in days since registration |
Status Codes
| Status Code | Description |
|---|---|
| 200 | Email validated successfully (Allowed) |
| 400 | Invalid input format |
| 403 | Forbidden: Email is disposable, spam, or has no MX records |
| 499 | Client Closed Request |
| 504 | Gateway Timeout (>5s) |
2. Domain Validation
Isolates the check to the domain level. Useful if you want to allow specific email patterns but block entire domain providers.
Example Request
curl -X GET "https://fraudcheckapi.hexbyte.dev/domain/example.com"Response
{
"status": "allowed",
"has_mx": true,
"disposable": false,
"spam": false,
"public_domain": false,
"relay_domain": false,
"whitelisted": false,
"blacklisted": false,
"domain_age_in_days": 365
}| Field | Type | Description |
|---|---|---|
status | string | Overall validation status: 'allowed', 'not_allowed', or 'not_applicable' |
has_mx | boolean | Whether the domain has valid MX records |
disposable | boolean | True if from a disposable email provider |
spam | boolean | True if domain is known for spam |
public_domain | boolean | True if public email provider (Gmail, etc.) |
relay_domain | boolean | True if used as email relay |
whitelisted | boolean | True if domain is whitelisted |
blacklisted | boolean | True if domain is blacklisted |
domain_age_in_days | number | Domain age in days since registration |
Status Codes
| Status Code | Description |
|---|---|
| 200 | Domain validated successfully |
| 400 | Invalid domain format |
| 403 | Forbidden: Domain is disposable, spam, or invalid |
| 499 | Client Closed Request |
| 504 | Gateway Timeout (>5s) |
3. IP Intelligence
Checks the IP address against global threat databases. Returns detailed security flags to help you decide whether to block the user.
Example Request
curl -X GET "https://fraudcheckapi.hexbyte.dev/ip/8.8.8.8"Response
{
"ip": "8.8.8.8",
"security": {
"is_abuser": false,
"is_attacker": false,
"is_bogon": false,
"is_cloud_provider": true,
"is_proxy": false,
"is_relay": false,
"is_tor": false,
"is_tor_exit": false,
"is_vpn": false,
"is_anonymous": false,
"is_threat": false
}
}Security Recommendation
We recommend blocking the user if any of these fields are true:
- • is_abuser
- • is_attacker
- • is_threat
| Field | Type | Description |
|---|---|---|
is_abuser | boolean | IP has history of abusive behavior |
is_attacker | boolean | IP is known for attacks |
is_bogon | boolean | IP is unallocated or reserved |
is_cloud_provider | boolean | IP belongs to cloud hosting |
is_proxy | boolean | IP is a known proxy server |
is_relay | boolean | IP is used as relay |
is_tor | boolean | IP is part of Tor network |
is_tor_exit | boolean | IP is a Tor exit node |
is_vpn | boolean | IP associated with VPN services |
is_anonymous | boolean | IP used for anonymous browsing |
is_threat | boolean | IP identified as active threat |
Status Codes
| Status Code | Description |
|---|---|
| 200 | IP validated successfully |
| 403 | Forbidden: Private/Reserved/Localhost IP |
| 500 | Internal Server Error |
Need help with integration?
Contact SupportReady to Stop Fraudulent Users?
Start protecting your platform today. Our API is free during beta and takes minutes to integrate.