ScamLens
Cached < 6hAnonymous (3/day)

Security Report for 0qh7kk5z-80.euw.devtunnels.ms

ScamLens analyzed 0qh7kk5z-80.euw.devtunnels.ms using 90+ threat intelligence sources and assigned a trust score of 13/100, classifying it as dangerous.

Trust Score: 13/100

Risk Level: Dangerous

This domain already shows strong risk signals. Stop interacting, preserve the page, chat, phone, and payment evidence, and move into response or reporting immediately.

Site Title
0qh7kk5z-80.euw.devtunnels.ms
Website meta information unavailable
HTTPS ✓
1
Checked 1 times

Quick Answer

This domain already shows strong risk signals. Stop interacting, preserve the page, chat, phone, and payment evidence, and move into response or reporting immediately.

Positive Signals

  • + Google Safe Browsing: Safe
  • + HTTPS encryption supported

Concerns

  • - 3 security sources flagged as suspicious

Score Breakdown

Domain Reputation 50
Threat Intelligence 96
19/22 safeSafeBrowsing OK
Technical Security 68
HTTPSHSTS
Community Reputation 50
No community data yet

Was this assessment accurate?
0 say Safe0 say Suspicious
What do you think?
What to do next

0qh7kk5z-80.euw.devtunnels.ms is confirmed malicious

Multiple threat-intelligence feeds agree this domain is dangerous. Treat any data you entered as compromised.

Confidence:High
  1. Close the tab immediately
    Continued browsing increases the chance of drive-by downloads, exploit kits, or session hijacking.
  2. Run a full antivirus / malware scan
    If the site loaded scripts, scan your device. Update your OS and browser to the latest version first.
  3. Change passwords for any account you entered
    Rotate the password and enable two-factor authentication on the real site. Watch for unauthorised charges over the next 30 days.
  4. Report the incident
    Reporting helps blocklists update faster and protects other potential victims.
Cross-check with independent scanners

Trust but verify — open this domain on unrelated security services and compare the verdict.

VirusTotalurlscan.ioGoogle Safe Browsing
How we decide thisReport this site

Threat-intelligence sources

Checked across 27 sources — 3 flagged this domain

Show source breakdown
  • safe_browsing clean
  • urlhaus clean
  • cloudflare_radar clean
  • cert_transparency clean
  • alienvault_otx clean
  • phishstats clean
  • virustotal flagged
  • ipqs clean
  • abuseipdb clean
  • securitytrails clean
  • phishdestroy clean
  • threatfox clean
  • shodan_internetdb flagged
  • phishtank clean
  • urlscan clean
  • rdap clean
  • maltiverse clean
  • dns_security flagged
  • wanted_domains clean
  • darkweb clean
  • hagezi_tif clean
  • openphish clean
  • scam_blocklist clean
  • maltrail clean
  • crypto_scam_feed clean
  • phishing_army clean
  • red_flag_domains clean

ScamLens aggregates real-time signals from 90+ commercial and open-source threat-intelligence providers including Google Safe Browsing, VirusTotal, PhishTank, URLhaus, ThreatFox, Cloudflare Radar, OTX, IPQS, GoPlus, Honeypot.is, and more. A flagged signal is evidence; the absence of flags is not proof of safety. Use the signals below alongside community reports to decide.

Advanced Scan

Comprehensive data lookup across premium sources

$2.99one-time payment
  • Website history verification
  • Detailed WHOIS information
  • Reverse WHOIS association
  • Traffic rank analysis
  • Company registration check
Recommended

AI Deep Investigation

Cross-check the story, claims, and supporting evidence before you decide

$4.99one-time payment
  • Everything in Advanced Scan
  • AI website content analysis
  • AI cross-reference verification
  • Claim authenticity validation
  • Detailed report with evidence
Most Thorough

Comprehensive Investigation

Full-spectrum investigation with company deep search & social intelligence

$14.99one-time payment
  • Everything in Deep Investigation
  • AI company background search
  • Social media intelligence
  • Detailed suspicious point analysis
  • Event timeline & entity connections

This analysis is for informational purposes only and does not constitute a legal determination.

Security Sources

Google Safe Browsing
Safe
Cloudflare Radar
Safe
URLhaus (abuse.ch) Confidence: Medium
Not Listed
Certificate Transparency Confidence: Low
Not Listed
AlienVault OTX Confidence: Medium
Not Listed
PhishStats Confidence: Low
Not Listed
VirusTotal Confidence: Medium
Unsafe
IPQualityScore Confidence: Low
Not Listed
AbuseIPDB Confidence: Medium
Not Listed
SecurityTrails Confidence: Low
Not Listed
PhishDestroy Confidence: Medium
Not Listed
ThreatFox (abuse.ch) Confidence: Low
Not Listed
Shodan InternetDB Confidence: High
Unsafe
PhishTank Confidence: Low
Not Listed
URLScan.io Confidence: Low
Not Listed
RDAP Domain Registration Confidence: Low
Not Listed
Maltiverse Confidence: Low
Not Listed
DNS Security Confidence: High
Unsafe
Law Enforcement Confidence: Low
Not Listed
darkweb Confidence: Low
Not Listed
HaGeZi Threat Intelligence Confidence: Medium
Not Listed
OpenPhish Confidence: Low
Not Listed
Scam Blocklist (Jarelllama) Confidence: Low
Not Listed
Maltrail (stamparm) Confidence: Low
Not Listed
Crypto Scam Feed Confidence: Low
Not Listed
Phishing Army Confidence: Low
Not Listed
Red Flag Domains Confidence: Low
Not Listed

Domain Information

DNSSEC
Disabled

SSL/TLS Certificate

No data available

Server Information

IP Address
20.103.221.187
Hosting Provider
Microsoft Corporation
ASN
AS8075 Microsoft Corporation
Server Location
Amsterdam, Netherlands
Organization
Microsoft Azure Cloud (westeurope)

Related Intelligence
Technical Details (DNS / Headers / Subdomains)

DNS Records

Email Security

SPF Not Configured DMARC Not Configured
Type Value
A 20.103.221.187
CNAME tunnels-prod-rel-euw-live-tm.trafficmanager.net

HTTP Security Headers

Security header detection was blocked by the target website (e.g. rate limiting or access restriction). Results may be inaccurate.

Channels / Subdomains

No data available

Community Reports

Log in to report and share your experience

...

Report & Take Down This Website

High-Risk Signals

The risk signals are strong enough. Move on evidence preservation, reporting, and victim response now

This result is no longer just a normal verification case. Moving the chat, phone, payment, and official-reporting path in parallel is usually more important than waiting for more data.

Recommended First

Move into the victim action plan

If you already paid, logged in, or installed tools, use the action plan first to prioritize containment and evidence work.

Move into the website-reporting flow

Move the site, payment evidence, chat trail, and contact points into the formal reporting path.

Add the chat, DM, and payment-pressure trail

Keep the Telegram, WhatsApp, social DM, and payment-pressure trail in the same timeline.

Check the callback number and SMS

If the actor also used calls, SMS, or one-time codes, verify that phone path next.

The results are based on multiple third-party data sources and AI models. False positives or negatives may occur. This report should not be used as the sole basis for any decision. Please verify with additional sources.

If a loss already happened, move into the response flow now

Delay is the main risk with high-risk domains. Prioritize freezes, credential resets, reporting, and evidence preservation now.

Start the response

If no loss happened yet, continue with the website-reporting and official-agency paths next.

Related Security Guides

Learn more about how to protect yourself from this type of threat.

How to Check if a Website Is Safe Phishing Scams Guide

Understanding this threat

Malware Threats

Malicious software including viruses, trojans, ransomware, and spyware that can compromise your device and data.

FAQ

Is 0qh7kk5z-80.euw.devtunnels.ms safe to visit?

0qh7kk5z-80.euw.devtunnels.ms received a trust score of 13/100 from ScamLens, indicating high risk. 2 threat intelligence sources flagged this domain as potentially dangerous. We strongly advise against visiting or sharing personal information.

Was 0qh7kk5z-80.euw.devtunnels.ms flagged by any threat databases?

0qh7kk5z-80.euw.devtunnels.ms was flagged by 2 out of 30+ threat intelligence sources. Specifically flagged by: virustotal, dns_security. The detected threat categories include: general threat.

How old is 0qh7kk5z-80.euw.devtunnels.ms?

Registration date information for 0qh7kk5z-80.euw.devtunnels.ms is not publicly available through WHOIS records, which can itself be a risk indicator.

Does 0qh7kk5z-80.euw.devtunnels.ms use HTTPS and have a valid SSL certificate?

ScamLens could not verify the SSL certificate details for 0qh7kk5z-80.euw.devtunnels.ms during this scan. Treat this as unavailable evidence, not as proof that the site is safe or unsafe.

What security headers does 0qh7kk5z-80.euw.devtunnels.ms implement?

No security header information was available for 0qh7kk5z-80.euw.devtunnels.ms.

What does the ScamLens community think about 0qh7kk5z-80.euw.devtunnels.ms?

No community votes or reports have been submitted for 0qh7kk5z-80.euw.devtunnels.ms yet. You can be the first to share your experience.

Where is 0qh7kk5z-80.euw.devtunnels.ms hosted?

0qh7kk5z-80.euw.devtunnels.ms is hosted by Microsoft Corporation in Amsterdam, Netherlands (ASN: ASAS8075 Microsoft Corporation).

Is this report useful?

Use this report to tell others to stop interacting now and move straight into containment, evidence preservation, and reporting.

Forward to your parents — they deserve to browse safely too.

About this analysis

This report is generated from real-time data across 90+ threat intelligence sources, combined with AI analysis and community feedback.

Learn about our scoring methodology | Last analyzed: June 4, 2026

All Microsoft Corporation domains