This seems like crossing a fine line of legal vs the right thing. More than likely Panagram Labs is just on one of the customers using a third party API to get validation on the email. This third party API is the one who is abusing this technique most likely using pixel tracking for email addresses they havent seen before.

Partly fun part is what Panagram here has done is to expose an endpoint for anyone to transitively use the email validation API in their product