API Documentation
Welcome to the DeGhost API. Our endpoints allow you to validate users in real-time by analyzing their Email, Domain, and IP address.
Authentication
Currently, all endpoints are public for integration testing. Rate limits apply per IP. Contact us for production API keys.
Base URL
https://fraudcheckapi.hexbyte.devAll API requests use this base URL. Append the endpoint paths shown below.
1. Email Validation
Validates an email address by checking syntax, domain existence, and MX records. Also checks internal blacklists for disposable providers.
GET
https://fraudcheckapi.hexbyte.dev/email/:email
Example Request
cURL
curl -X GET "https://fraudcheckapi.hexbyte.dev/email/user@example.com"Response
JSON
{
"status": "allowed",
"has_mx": true,
"disposable": false,
"spam": false,
"public_domain": false,
"relay_domain": false,
"whitelisted": false,
"blacklisted": false,
"domain_age_in_days": 365
}| Field | Type | Description |
|---|---|---|
status | string | Overall validation status: 'allowed', 'not_allowed', or 'not_applicable' |
has_mx | boolean | Whether the domain has valid MX records |
disposable | boolean | True if from a disposable email provider |
spam | boolean | True if domain is known for spam |
public_domain | boolean | True if public email provider (Gmail, etc.) |
relay_domain | boolean | True if used as email relay |
whitelisted | boolean | True if domain is whitelisted |
blacklisted | boolean | True if domain is blacklisted |
domain_age_in_days | number | Domain age in days since registration |
Status Codes
| Status Code | Description |
|---|---|
| 200 | Email validated successfully (Allowed) |
| 400 | Invalid input format |
| 403 | Forbidden: Email is disposable, spam, or has no MX records |
| 499 | Client Closed Request |
| 504 | Gateway Timeout (>5s) |
2. Domain Validation
Isolates the check to the domain level. Useful if you want to allow specific email patterns but block entire domain providers.
GET
https://fraudcheckapi.hexbyte.dev/domain/:domain
Example Request
cURL
curl -X GET "https://fraudcheckapi.hexbyte.dev/domain/example.com"Response
JSON
{
"status": "allowed",
"has_mx": true,
"disposable": false,
"spam": false,
"public_domain": false,
"relay_domain": false,
"whitelisted": false,
"blacklisted": false,
"domain_age_in_days": 365
}| Field | Type | Description |
|---|---|---|
status | string | Overall validation status: 'allowed', 'not_allowed', or 'not_applicable' |
has_mx | boolean | Whether the domain has valid MX records |
disposable | boolean | True if from a disposable email provider |
spam | boolean | True if domain is known for spam |
public_domain | boolean | True if public email provider (Gmail, etc.) |
relay_domain | boolean | True if used as email relay |
whitelisted | boolean | True if domain is whitelisted |
blacklisted | boolean | True if domain is blacklisted |
domain_age_in_days | number | Domain age in days since registration |
Status Codes
| Status Code | Description |
|---|---|
| 200 | Domain validated successfully |
| 400 | Invalid domain format |
| 403 | Forbidden: Domain is disposable, spam, or invalid |
| 499 | Client Closed Request |
| 504 | Gateway Timeout (>5s) |
3. IP Intelligence
Checks the IP address against global threat databases. Returns detailed security flags to help you decide whether to block the user.
GET
https://fraudcheckapi.hexbyte.dev/ip/:ip
Example Request
cURL
curl -X GET "https://fraudcheckapi.hexbyte.dev/ip/8.8.8.8"Response
JSON
{
"ip": "8.8.8.8",
"security": {
"is_abuser": false,
"is_attacker": false,
"is_bogon": false,
"is_cloud_provider": true,
"is_proxy": false,
"is_relay": false,
"is_tor": false,
"is_tor_exit": false,
"is_vpn": false,
"is_anonymous": false,
"is_threat": false
}
}Security Recommendation
We recommend blocking the user if any of these fields are true:
- • is_abuser
- • is_attacker
- • is_threat
| Field | Type | Description |
|---|---|---|
is_abuser | boolean | IP has history of abusive behavior |
is_attacker | boolean | IP is known for attacks |
is_bogon | boolean | IP is unallocated or reserved |
is_cloud_provider | boolean | IP belongs to cloud hosting |
is_proxy | boolean | IP is a known proxy server |
is_relay | boolean | IP is used as relay |
is_tor | boolean | IP is part of Tor network |
is_tor_exit | boolean | IP is a Tor exit node |
is_vpn | boolean | IP associated with VPN services |
is_anonymous | boolean | IP used for anonymous browsing |
is_threat | boolean | IP identified as active threat |
Status Codes
| Status Code | Description |
|---|---|
| 200 | IP validated successfully |
| 403 | Forbidden: Private/Reserved/Localhost IP |
| 500 | Internal Server Error |
Need help with integration?
Contact Support