Question 1

How does ScamLens calculate trust scores?

Accepted Answer

ScamLens calculates trust scores from 0-100 by aggregating data from 30+ threat intelligence sources. Factors include domain age, TLD risk, DNSSEC, security headers, SSL validity, homograph detection, brand impersonation, redirect chains, and community reports.

Question 2

How many threat intelligence sources does ScamLens use?

Accepted Answer

ScamLens integrates 22 web threat intelligence providers (Google Safe Browsing, VirusTotal, AlienVault OTX, IPQS, AbuseIPDB, URLhaus, PhishTank, Cloudflare Radar, Certificate Transparency, SecurityTrails, PhishDestroy, ThreatFox, Shodan, URLScan, RDAP, Maltiverse, DNSBL, DNS Security, APIVoid, PhishStats, DarkWeb Intel, Wanted Domains) plus 9 crypto providers (GoPlus, Etherscan, Honeypot.is, TokenSniffer, Moralis Labels, ChainAbuse, CryptoScamDB, Chainalysis Sanctions, Scorechain Sanctions). 31 unique provider integrations. OpenSanctions consolidated sanctions collection screening is integrated for both web and crypto, covering UN Security Council, EU Financial Sanctions, UK FCDO, US OFAC SDN, Israel MOD, Japan MOF, France Trésor, plus the UK HM Treasury Asset Freezing Targets list (published separately). 1,460+ cryptocurrency wallet addresses across all jurisdictions, refreshed daily.

Question 3

How does ScamLens handle false positives?

Accepted Answer

ScamLens has a feedback loop where users can report false positives or false negatives. Reports are reviewed by moderators. The system tracks accuracy metrics and continuously improves scoring based on community feedback.

Question 4

What is a trust score and what do the levels mean?

Accepted Answer

A trust score ranges from 0 to 100. Dangerous (0–14): Multiple threat sources flag this domain as malicious. Low (15–34): Significant risk indicators found, exercise extreme caution. Medium (35–64): Some concerns detected, verify before interacting. High (65–100): No significant threats detected, appears safe.

Question 5

How often is threat intelligence data refreshed?

Accepted Answer

ScamLens runs automated threat intelligence pipelines every 6 hours, refreshing the cached domain database. When you submit a domain for the deep web report (POST /v1/public/domain/intelligence), the system queries the 22-provider pipeline in parallel and aggregates whichever sources respond within a 12-second timeout. Community reports and votes update in real-time. The free Chrome extension and quick-check API endpoint return a heuristic-only score for privacy and rate-limiting reasons; the deep multi-provider analysis is on the web report and the paid B2B endpoint.

Question 6

Does ScamLens check cryptocurrency addresses?

Accepted Answer

Yes. ScamLens checks crypto addresses across 8 blockchains (Ethereum, BSC, Polygon, Arbitrum, Optimism, Base, Bitcoin, Solana) using GoPlus Security and Etherscan. It detects honeypot tokens, rug pulls, high-tax tokens, and malicious contracts. Sanctions screening covers the full OpenSanctions consolidated sanctions collection (1,455+ cryptocurrency wallet addresses, refreshed daily) spanning 80+ designating authorities, plus the UK HM Treasury Asset Freezing Targets list. Coverage is limited to addresses that the designating authority has explicitly published as cryptocurrency wallets — many sanctions designations target persons or legal entities without disclosing associated wallet addresses, and those persons are not covered by this product. Stablecoin issuer blacklists (Tether USDT, Circle USDC on-chain freeze events) are tracked separately and surfaced as a distinct high-risk signal.

Question 7

Is ScamLens open source?

Accepted Answer

ScamLens Chrome extension (OrangeDuck) is open source on GitHub. The scoring algorithm is transparent — all factors and their weights are documented on this methodology page. The threat intelligence aggregation backend is proprietary but the API is publicly available for developers.

Question 8

How does the AI risk summary work?

Accepted Answer

ScamLens uses a multi-model AI system (Claude, Gemini, Grok) with automatic fallback. The AI analyzes all threat source results, domain metadata, and community data to generate a human-readable risk summary in the user's language. AI outputs are validated against source data to prevent hallucinations.

Start Here

Safety Check

Intelligence

Tools & Reports

Premium Services

Extension & API

Methodology

Trust Score Algorithm

Scoring Factors

30+ Threat Intelligence Sources

Cryptocurrency Analysis

False Positive Handling

Data Freshness

Chrome Companion for Safer Browsing