POST /api/spf-checkFetch and validate a domain's SPF record (RFC 7208). Parses mechanisms (ip4/ip6/include/a/mx/all), counts DNS lookups against the famous 10-lookup limit, and flags the qualifier on `all` (-/fail, ~/softfail, ?/neutral). The first stop when an email is hitting the spam folder.
| Field | Type | Description |
|---|---|---|
domain * | string | Domain name (also accepts email/url/host) |
{
"domain": "google.com",
"hasRecord": true,
"raw": "v=spf1 include:_spf.google.com ~all",
"mechanisms": [
{
"type": "include",
"qualifier": "pass",
"value": "_spf.google.com"
},
{
"type": "all",
"qualifier": "softfail"
}
],
"lookupCount": 1,
"all": "softfail",
"valid": true,
"warnings": []
}
curl -i -X POST https://agent402.tools/api/spf-check \
-H "Content-Type: application/json" \
-d '{"domain":"google.com"}'
The response is HTTP 402 Payment Required with exact payment requirements. Any x402 v2 client pays automatically and retries:
import { wrapFetchWithPayment } from "@x402/fetch";
import { x402Client } from "@x402/core/client";
import { registerExactEvmScheme } from "@x402/evm/exact/client";
import { privateKeyToAccount } from "viem/accounts";
const client = new x402Client();
registerExactEvmScheme(client, { signer: privateKeyToAccount(KEY) });
const payFetch = wrapFetchWithPayment(fetch, client);
const res = await payFetch("https://agent402.tools/api/spf-check", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
"domain": "google.com"
}),
});
Wallet-only. This tool reaches the network/browser/storage, so it is paid in USDC via x402 (no proof-of-work tier).
GET /api/dnsDNS lookup for a domain. Supported record types: A, AAAA, MX, TXT, NS, CNAME.
POST /api/http-checkCheck any public URL: status code, latency, final URL after redirects, and response headers. The uptime primitive for ag…
POST /api/tls-certInspect the TLS certificate of any public host: subject, issuer, validity window, days remaining, SANs, and SHA-256 fing…