Homeβ€Ί Infrastructureβ€Ί supportapi-prod.codebig2.net
This site failed important safety checks β€” please read this before going any further.
Be careful β€” Suspicious

No β€” supportapi-prod.codebig2.net doesn't look safe

20/ 100 trust score
Industry: Infrastructure Checked Jul 15, 2026 Infrastructure average: 47 26 signals

In plain English

This site raises serious concerns. It's an API endpoint that requires authentication, yet there is no public information about who runs it, no contact details, and no legal terms. The technical security is fine, but the complete lack of transparency makes it hard to trust with any credentials or data.

What you should do now

Don't panic. These steps limit the damage, and the sooner you take them the better.

1

Don't enter any details

No passwords, card numbers or personal information β€” even if the site looks professional.

2

Close the tab

Especially if you got here from an email, text message or social media ad.

3

Already paid? Call your bank

Contact your bank or card provider right away. They can often stop or reverse a recent payment.

4

Warn others

Report the site and share this check with anyone who sent you the link.

N Partner pick
Better safe than sorry. Stay covered everywhere: NordVPN's Threat Protection blocks known scam sites before they load.
Try NordVPN β†’
Cross-referenced 26 live signals from Google Safe Browsing, VirusTotal, WHOIS and more on Jul 15, 2026. How we score β†’

Where the score comes from

We look at six areas. Here's how supportapi-prod.codebig2.net did in each.
85
Security

The site uses modern encryption and a valid certificate with a reputable issuer, and no malware or phishing flags appear. That's the one area where it meets expectations for a technical service.

15
Identity

There is zero public information about who operates this site: no WHOIS record, no company page, no branding. For an API that requires authentication, this level of anonymity is a serious red flag.

40
Reputation

The site hasn't been blacklisted, but it has no web archive history, no traffic rank, and no external reviews. It's essentially a blank slate with no track record to judge by.

10
Transparency

No contact details, no about page, no social media presence, and bot protection stopped us from seeing any further. The site is completely opaque about who is behind it.

20
Compliance

For a commercial API service, you'd expect legal terms like a privacy policy and terms of service. None were found, and the site's bot protection blocked any attempt to check. That's a significant gap.

50
Infrastructure

The hosting is on a residential-grade ISP network (Comcast), which is unusual for a production API. DNSSEC is not enabled, and the server name is generic. It works, but it doesn't inspire confidence.

What we checked

The 26 signals behind this report.
Security & Transport
Certificate Issuer
Sectigo Limited
Google Web Risk
Clean
HSTS Header
Present
SSL Certificate
Valid
Security Headers
1 of 6
Server
CodeBig
TLS Version
TLS 1.3
Identity & WHOIS
About Page
Not found
Branding
Missing
Business Disclosure
Not found
Contact Info
Unable to check
Legal Pages
Unable to check
Infrastructure & DNS
DNS Blacklists
Clean
DNS Resolution
6 IP(s)
DNSSEC
Not enabled
Email (MX Records)
None
Hosting Network (ASN)
AS7922 COMCAST-7922
Page Load Time
541ms
Reputation & Reach
Sitemap
Not found
Social Media Presence
Unable to check
Structured Data
None found
Tranco Rank
Not ranked
Trustpilot
No Trustpilot profile
Web Archive History
No archive found
Website Status
Bot protection detected
robots.txt
Not found

Think this verdict is wrong?

Site owners can request a fresh scan. Scores update automatically as signals change.

When you encounter an API endpoint like supportapi-prod.codebig2.net, the first question is whether you can trust it with your authentication credentials. Legitimate API services typically provide a developer portal, company information, and clear terms of use. This site offers none of that. The domain is essentially invisible: no WHOIS record, no about page, no social media presence, and a bot protection system that blocks any attempt to learn more. The SSL certificate is valid and the connection is encrypted, but that only covers the transport layer, not the organization behind it. For a service that expects you to send credentials, the lack of transparency is a significant warning sign. Most professional API providers have a verifiable company name, support channels, and a history you can research. Here, you have nothing to go on. If you are considering using this API, we strongly recommend finding an alternative with a clear public identity and documented compliance practices. Trust should be earned, not assumed when the operator remains hidden.

More Infrastructure sites

How similar sites score. See all β†’