tw-im-whatsapp.tw.cn
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of tw-im-whatsapp.tw.cn
This website appears to present itself as a Chinese-language WhatsApp Web companion or “security monitoring” portal. Based on the page title, metadata, and screenshot, it claims to help users monitor linked WhatsApp Web devices, refresh QR codes quickly, and remotely log out sessions. The design and wording suggest it is targeting users concerned about account access and device security, particularly for business or overseas-use scenarios.
The domain naming pattern prominently includes the word “whatsapp” and uses multiple related subdomains that resemble chat, web, and app entry points. Based on available data, the site does not appear to be an official WhatsApp-owned domain, and the operator is not clearly identified in the provided scan details. Its presentation may therefore be intended to mimic or closely associate with WhatsApp Web functionality rather than serving as a clearly independent informational site.
Safety Assessment for tw-im-whatsapp.tw.cn
Multiple security signals indicate elevated risk at the time of this scan. The domain was flagged by 11 out of 91 security engines, with several classifying it as phishing or fraud-related. In addition, multiple web-classification providers categorized it as phishing, and the page content appears to reference WhatsApp branding and account/device management features in a way that may cause confusion about whether the site is officially connected to WhatsApp.
Blacklist and reputation data were mixed rather than fully clean. Major content-malice databases in the provided scan did not report active listings, but the domain's IP address was listed on one mail-reputation blocklist, and one additional blacklist source also returned a malicious-object style listing. The malware scan did not find flagged files, but its generic object label is lower-confidence than the broader multi-engine phishing consensus.
Taken together, the use of a well-known brand name in the domain, the phishing classifications from multiple independent security engines, and the lack of clear operator transparency are meaningful warning signs. Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site was reachable over HTTPS with a valid Let's Encrypt certificate that, at the time of this scan, was set to expire on 2026-09-28. It appears to be served by nginx from IP address 156.239.9.106, hosted by Binary Networks Solutions LLC in Hong Kong. DNSSEC was not enabled, and WHOIS lifecycle details such as creation and expiry dates were not available in the provided data.
From a technical trust perspective, the presence of TLS is positive but does not by itself establish legitimacy. The domain structure uses numerous related subdomains containing WhatsApp-themed naming, which may indicate a broader campaign or clustered infrastructure. Combined with the phishing detections, that naming pattern may warrant additional caution.
Share your experience with this website. Was it safe? Did you encounter any issues?