tg-verification.online
Category: Suspicious
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of tg-verification.online
The domain tg-verification.online appears to present itself as a Telegram-related informational page. The screenshot shows a page titled "Telegram FAQ" with navigation items such as Home, FAQ, Apps, API, and Safety, and the visible content resembles a help or documentation page for the Telegram messaging platform. Based on the domain name, the site may be attempting to attract users looking for Telegram account verification or support information.
At the same time, the domain itself does not appear to be an obvious official Telegram domain. The combination of a Telegram-themed name, a very recent registration date, and a generic .online extension may indicate that this is an unofficial third-party page rather than a primary service domain operated by Telegram. Available page assets suggest the site may be built with a landing-page or template-based framework rather than a long-established corporate documentation platform.
Safety Assessment for tg-verification.online
Several scan signals raise caution for this domain at the time of this scan. It was flagged by 4 out of 91 security engines, including classifications such as suspicious, spam, and phishing, and one blacklist database also listed the domain. In addition, the site is only 3 days old, has no established popularity ranking, and uses a domain name that closely references Telegram while not appearing to match Telegram's main official web presence.
The page content shown in the screenshot looks relatively benign on its face, but that alone does not remove risk. Newly registered domains that reference well-known platforms may be used for impersonation, traffic redirection, credential harvesting, or other deceptive activity before broader reputation systems fully catch up. The malware scan did not identify confirmed malicious files, but it did produce a generic suspicious-object heuristic across the domain and many linked assets, which is a lower-confidence signal but still relevant when combined with the other findings.
Overall, the strongest concerns here are the multi-engine detections, the phishing-related classification from one engine, the very recent registration, and the Telegram-themed branding on a non-obvious official domain. Based on these findings, this website may pose potential risks to visitors.
Technical Description
From a technical perspective, the domain appears to be hosted on an nginx/1.24.0 (Ubuntu) server at IP address 87.120.107.209, geolocated to Helsinki, Finland, with hosting attributed in the scan data to Mykyta Skorobohatko. The domain uses REG.RU nameservers and DNSSEC is unsigned. The site was registered very recently and is set to expire one year after creation, which is common for short-term registrations but can also be seen with disposable campaign infrastructure.
A notable concern is that SSL/TLS was reported as invalid or missing at the time of this scan, with no certificate details available. For a site presenting itself as related to account verification or platform support, missing or invalid HTTPS may increase the risk of interception, user mistrust, or misconfiguration. No confirmed malicious files were identified in the file scan, but numerous internal asset URLs were heuristically flagged, which may reflect template-generated content or suspicious page structure rather than confirmed malware.
Share your experience with this website. Was it safe? Did you encounter any issues?