Bogus Email Pattern Recognition API

🔒 Fraud Detection Status: ACTIVE on all POST routes with 'email' field

Endpoints:
- POST /* (any route with email field gets validated automatically!)
- POST /validate { "email": "test@example.com" } (backward compatible)
- GET /debug (shows all request signals)
- /admin/* (requires X-API-Key header)

Examples:
# Legacy endpoint (still works)
curl -X POST https://your-worker.dev/validate \
  -H "Content-Type: application/json" \
  -d '{"email":"test@example.com"}'

# New: Any POST endpoint with email gets validated
curl -X POST https://your-worker.dev/signup \
  -H "Content-Type: application/json" \
  -d '{"email":"user@example.com","password":"<your-password>"}'

Monitoring Mode: Set "actionOverride": "allow" in config.json