MalwareTips
Security Review

Is codebeautify.org legit or a scam?

Our verdict:Suspicious· 55/100

Legitimate developer tool with a severe data-exposure vulnerability that leaked thousands of user credentials and secrets via publicly accessible saved links.

Top reasons
WatchTowr Labs research (Nov 2025) confirmed thousands of user credentials, passwords, and API keys were publicly exposed via the 'Recent Links' feature.Researchers scraped 80,000+ submissions containing secrets from banks, government agencies, and technology companies; data persisted beyond intended expiration.The site's architecture inadvertently turned it into a data harvester — users who pasted sensitive information had it exposed to public scraping.
codebeautify.orgScanned 1d ago
Post Facebook
0
Trust score
SUSPICIOUS
Heuristics 83·MT 42
Category tags
developer toolsdata security risk#Data Harvester72% MT confidence
Technical red flags (1)
Impersonates Minecraft

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
0/92
All engines report clean
Domain Age
13 years old
Registered Sep 25, 2013
MT Intelligence
Suspicious
Moderate likelihood · 72% confidence
SUSPICIOUS

Warning signs detected

Legitimate developer tool with a severe data-exposure vulnerability that leaked thousands of user credentials and secrets via publicly accessible saved links. Several risk indicators suggest caution. This site might be legitimate — but treat it as unverified until you can independently confirm.

Website Preview

Screenshot of codebeautify.org
LIVE RENDER
codebeautify.org
1Impersonates Minecraft

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual Screenshot Analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

5
/ 100
Low visual risk

Visual red flags detected in the screenshot

The page presents as a legitimate developer utilities portal with a clean, consistent design and a broad set of code-formatting tools. No scam-indicative visual patterns are present.

Visual risk5/100

What our vision model saw

4 signals

Standard developer utility site displaying a grid of code/formatting tools with consistent, professional layout

Navigation bar includes expected tool categories (JSON Formatter, XML Formatter, etc.) with a Login button — no anomalies

Small dismissible promotional banner at the bottom advertising an internal tool link — low-pressure, no urgency tactics

No countdown timers, fake trust badges, payment forms, or credential-harvesting elements visible

Brand Impersonation

medium confidence

The page mentions or styles itself as Minecraft, but is hosted on a domain that is not an official Minecraft property.

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Moderate scam likelihoodengineMT · Guardiantrust42/100
MT AgentLive web researchVisual inspection
0%
Confidence
CodeBeautify operates as a genuine, long-established online code formatter and beautifier with a clean technical footprint — 12 years old, valid SSL, zero antivirus detections, and a 4-star an independent review aggregator rating from 6 users. However, security researchers at WatchTowr Labs discovered in November 2025 that the site's 'Recent Links' feature, which allows users to save and share formatted code snippets, inadvertently exposed thousands of secrets: passwords, API keys, database credentials, and PII from banks, government agencies, and technology companies. Researchers scraped over 80,000 submissions and found the leaked data persisted beyond intended expiration dates. This is not a scam or phishing site — it is a legitimate utility with a serious architectural flaw that turned it into an unintended data harvester. Users who pasted sensitive information into the tool had that data exposed to public scraping.
Full dossier
Analysis complete

Page Content

CodeBeautify presents as a professional developer utilities portal offering code formatters, beautifiers, validators, and converters for JSON, XML, HTML, CSS, JavaScript, and dozens of other formats. The interface is clean and functional with no phishing indicators, credential-harvesting forms, or urgency tactics. A 'Save Online' feature allows users to generate shareable links to their formatted code.

Infrastructure

Domain registered in 2013 with Cloudflare, valid Let's Encrypt SSL certificate, zero abuse reports on the hosting IP (104.20.47.205), and zero detections from our antivirus network. The site loads external analytics and ad-serving domains (Quantcast, btloader) typical of legitimate web properties.

Domain History

The domain is 4,648 days old (over 12 years), with no evidence of recent ownership changes or suspicious activity. WHOIS privacy is disabled, and the registrar is Cloudflare. No business registration details are publicly available beyond the site's self-published 'About Us' page.

Web Reputation

Independent review aggregators show a 4-star rating based on 6 user reviews on an independent review aggregator. However, security researchers at WatchTowr Labs published findings in November 2025 documenting that the site's 'Recent Links' feature exposed thousands of secrets — passwords, API keys, credentials from banks, government, and tech companies — via publicly accessible saved submissions. Researchers scraped over 80,000 submissions and confirmed active credential exposure. This is a data-security flaw, not a scam or fraud operation.

Risk Factors
6
  • WatchTowr Labs research (Nov 2025) confirmed thousands of user credentials, passwords, and API keys were publicly exposed via the 'Recent Links' feature.
  • Researchers scraped 80,000+ submissions containing secrets from banks, government agencies, and technology companies; data persisted beyond intended expiration.
  • The site's architecture inadvertently turned it into a data harvester — users who pasted sensitive information had it exposed to public scraping.
  • No business registration or owner contact details publicly available; site operates under privacy-protected Cloudflare registration.
  • No direct contact email, phone, or postal address listed on the site.
  • Brand impersonation flag detected (Minecraft reference in page data), though searches suggest this is unrelated to the site's core function.
Positive Signals
5
  • Domain is 12 years old with consistent operation as a developer utility site.
  • Zero detections from our antivirus network and clean browser blocklists.
  • Valid SSL certificate issued by Let's Encrypt with 83 days to expiry.
  • 4-star rating on Trustpilot based on 6 user reviews; no fraud or phishing complaints found.
  • Clean hosting IP with zero abuse reports and zero reputation issues.
AI Recommendation
Do not paste sensitive data — passwords, API keys, database credentials, or personal information — into CodeBeautify or similar online code-formatting tools. If you have already done so, assume that data may have been exposed and take appropriate security measures (rotate credentials, monitor accounts, etc.). The site itself is not malicious, but its architecture creates an unintended data-exposur
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for codebeautify.org, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age
12 yrs
Registered Sep 2013
Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Not a clone
No well-known site's layout or branding detected here.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
3 scam reports · 1 positive
Key findings
7 headline facts from open-web research
  • Domain created 2013-09-25 (over 12 years old), registered with Cloudflare, expires 2029-09-25.
  • Popular online code formatter/beautifier with tools for JSON, XML, HTML, etc.; offers 'Save Online' feature generating shareable links (format: codebeautify.org/{tool}/{id}).
  • WatchTowr Labs research (Nov 2025) found thousands of secrets (passwords, keys, PII, credentials from banks/gov/tech) exposed via public 'Recent Links' and saved content on CodeBeautify and related jsonformatter.org.
  • Researchers scraped ~80k+ submissions; data persisted beyond intended expiration in some cases, with active scraping of credentials observed.
  • Trustpilot shows 4-star rating based on 6 reviews (company profile lists it as software/developer tools company).
  • No direct user scam, fraud, malware, or phishing complaints found in searches; site has content policy against malware/phishing.
  • No business registration or owner details publicly available beyond self-published 'About Us' page.
Scam reports (3)
Direct quotes from public scam databases, forums, and news.
  • WatchTowr Labsopen

    "Researchers uncovered 5GB of leaked credentials from JSONFormatter and CodeBeautify, exposing sensitive data across critical sectors."

  • BleepingComputeropen

    "Researchers at WatchTowr examined the JSONFormatter and CodeBeautify online platforms and found that their Recent Links feature provided access to JSON snippets that users had saved."

  • WatchTowr Labsopen

    "CodeBeautify (https://codebeautify.org). These tools are extremely popular... 80,000+ downloaded submissions from JSONFormatter and CodeBeautify; thousands of secrets found."

Positive reviews (1)
Quotes indicating the site is legitimate.
  • Trustpilotopen

    "Do you agree with Codebeautify's 4-star rating? Check out what 6 people have written so far."

Research summary
Narrative write-up from our AI analyst, grounded on the facts above

Security researchers at WatchTowr Labs published findings in November 2025 documenting that CodeBeautify's 'Recent Links' feature exposed thousands of user credentials, passwords, API keys, and personally identifiable information from banks, government agencies, and technology companies. Researchers scraped over 80,000 submissions and confirmed the leaked data persisted beyond intended expiration dates, with active scraping of credentials observed. This is a data-security architectural flaw, not a scam or phishing operation. Independent review aggregators show a 4-star rating based on 6 user reviews, with no fraud or phishing complaints found.

Antivirus Engines

Clean pass · verified
Clean across 92 engines

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious60Harmless92Engines
Clean
Kaspersky
Clean
Bitdefender
Clean
Microsoft
Not in pass
ESET-NOD32
Not in pass
Avira
Not in pass
Sophos
Clean
Fortinet
Clean
Google Safebrowsing
Clean
Emsisoft
Clean

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles10
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.
  • Page impersonates Minecraft on a non-official domain.
  • Links to 11 social profiles.

Domain & Encryption

Domain History
Age13 years old
RegistrarCloudflare, Inc.
RegisteredSep 25, 2013
ExpiresSep 25, 2029
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · YE1
ExpiresSep 8, 2026 (83d)
Self-signedNo
Hosting & Technology
HostingCloudflare, Inc.
Server locationUS
Web servercloudflare
PopularityNot in popularity top list

Redirect Chain

Hops
1
Cross-domain
No
Lookalike
No
Punycode
No
  • 1301http://codebeautify.org/
  • 2200https://codebeautify.org/

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPCloudflare, Inc.
Usage typeContent Delivery Network

Proceed with caution

Our automated review flagged enough risk that you should treat this site as unverified.

  • Treat codebeautify.org as unverified

    Do not enter credentials or send money until you have independently verified the business.

  • Verify the business through independent channels

    Check the company's social profiles, registry records, and search for recent news or reviews that are not hosted on the site itself.

  • Never use irreversible payment methods

    Crypto, gift cards, wire transfers, and cash apps offer zero buyer protection. Use a credit card or PayPal if you must pay.

  • Share your experience

    If you have additional context, drop a comment below or post on the MalwareTips forum.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
Not listedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

a.pub.networkb.pub.networkc.pub.networkd.pub.networksecure.quantserve.comrules.quantcount.compixel.quantserve.comcmp.quantcast.combtloader.comapi.btloader.comconfiant-integrations.global.ssl.fastly.netjsonformatter.orgpixelateimage.iochrome.google.comtwitter.comfacebook.comlinkedin.cominstagram.comgoo.glcodeblogmoney.com

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review marked codebeautify.org as suspicious. Several warning signs were detected; it may still turn out legitimate, but you should verify it through independent channels before trusting it with money or credentials.
  • codebeautify.org currently scores 55/100 on our trust scale. We found enough warning signals to recommend caution. Verify the site through independent channels before entering credentials or money.
  • Yes. codebeautify.org presents a valid TLSv1.3 certificate issued by Let's Encrypt · YE1, expiring in 83 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • codebeautify.org is 12.7 years old, registered on 9/25/2013 through Cloudflare, Inc.. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
  • No. All 92 antivirus engines in our malware network report codebeautify.org as clean.
  • No. codebeautify.org is not currently listed on the major browser blocklist feeds that modern browsers use.
  • codebeautify.org resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on June 17, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around codebeautify.org have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·codebeautify.org
SUSPICIOUS

CodeBeautify is a legitimate 12-year-old code-formatting utility site, but recent security research exposed a critical flaw: its 'Recent Links' feature publicly leaked thousands of saved credentials, passwords, and API keys from users across banks, government, and tech companies. Do not paste sensitive data into this or similar online tools.

Do not paste sensitive data — passwords, API keys, database credentials, or personal information — into CodeBeautify or similar online code-formatting tools. If you have already done so, assume that data may have been exposed and take appropriate security measures (rotate credentials, monitor accounts, etc.). The site itself is not malicious, but its architecture creates an unintended data-exposur

AV engines
92
MT passes
2
Net signals
0
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Suspicious reports

Browse all reports
Suspicioustrust44
recomhub.co
20m ago
Read the review
Suspicioustrust69
media.ytmp3.gg
27m ago
Read the review
Suspicioustrust59
456movie.nl
27m ago
Read the review
Suspicioustrust50
nb.besty9oi.asia
38m ago
Read the review
Suspicioustrust57
stratelabs.ca
1h ago
Read the review
Suspicioustrust66
aipctshop.com
2h ago
Read the review
Suspicioustrust66
anibd.thankpet.com
3h ago
Read the review
Suspicioustrust66
b7510.com
3h ago
Read the review
Suspicioustrust73
novelcrow.com
3h ago
Read the review
Suspicioustrust75
allporncomic.com
3h ago
Read the review
Suspicioustrust47
hianime.lol
3h ago
Read the review
Suspicioustrust53
wavebrowser.co
3h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.