Is telegram.me a scam?

Our automated security review flags telegram.me as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.

Is telegram.me safe to use?

No — telegram.me scored 1/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.

Does telegram.me have a valid SSL certificate?

Yes. telegram.me presents a valid TLSv1.3 certificate issued by GoDaddy.com, Inc. · Go Daddy Secure Certificate Authority - G2, expiring in 177 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.

Has telegram.me been flagged by antivirus engines?

5 out of 91 antivirus engines in our malware network flagged telegram.me as malicious or suspicious (5 outright malicious). Even one detection is a meaningful signal.

Is telegram.me on any phishing or malware blacklists?

No. telegram.me is not currently listed on the major browser blocklist feeds that modern browsers use.

Where is telegram.me hosted?

telegram.me resolves to an IP operated by Telegram Messenger Network in NL (usage type: Data Center/Web Hosting/Transit). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.

How often is the telegram.me report updated?

We cache results for 24 hours. Signed-in MalwareTips members can trigger a manual rescan at any time using the "Rescan" button on the report page, which re-runs every check from scratch and refreshes this page.

DANGEROUS

Critical risk detected

5 of 91 antivirus engines flag this page as malicious. Our security stack flagged multiple threat indicators on this website. Don't enter personal information, deposit money, or download files.

Security Review

Is telegram.me legit or a scam?

Name: Is telegram.me legit or a scam?
Item: telegram.me
Rating: 1
Author: MalwareTips

Our verdict:Dangerous· 1/100

SafeSuspiciousDangerous

Official Telegram username contact page (@nwwfh8) on legitimate infrastructure but flagged malicious by 5 antivirus engines including ESET and Fortinet, with the path hardcoded in stealers.

Top reasons

Five antivirus engines (ADMINUSLabs, CyRadar, Dr.Web, ESET, Fortinet) flag the page as malicious or malware.Exact path /nwwfh8 hardcoded in multiple malware analysis reports from stealers and phishing kits.Hosting IP has 35 abuse reports and medium abuse score.

telegram.meScanned 40d ago

Post Facebook

Trust score

DANGEROUS

Heuristics 0·MT 25

Category tags

unknown#Phishing85% MT confidence

Technical red flags (1)

5 of 91 engines flagged

Positive signals (3)

Not on major blacklists Encrypted connection Clean server reputation

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence

0/91

Engines flagged this URL

Domain Age

—

Registration date unknown

MT Intelligence

Suspicious

High likelihood · 85% confidence

MT Intelligence

Advanced threat intelligence

MT Security Analyst

High scam likelihoodengineMT · Guardiantrust25/100

MT AgentLive web researchVisual inspection

Confidence

The page is a standard Telegram contact link for @nwwfh8, hosted on official Telegram servers with a 2014 registration date. However, five antivirus engines—ADMINUSLabs, CyRadar, Dr.Web, ESET, and Fortinet—detect it as malicious or malware. The hosting IP has 35 abuse reports, and this exact path shows up in malware sandboxes as part of phishing payloads. One scam report flags telegram.me for brand impersonation, though the domain itself is legitimate. These signals outweigh the clean browser blocklists and sandbox.

Full dossier

Analysis complete

Page Content

Simple page titled 'Telegram: Contact @nwwfh8' prompting users to download Telegram and message the username.
No login forms, emails, phones, or addresses; loads resources from telegram.org.
Appears functional as a legitimate username link.

Infrastructure

Resolves to official Telegram IP 149.154.167.99 (abuse score 20/100, 35 reports).
Valid GoDaddy SSL with 177 days left; one clean redirect, no homoglyphs.
WHOIS unavailable; registered 2014 via GoDaddy on Google nameservers.

Domain History

telegram.me is an official Telegram domain for username links since 2014, referenced in their documentation.
Specific /nwwfh8 path appears in malware reports (e.g., any.run, JoeSandbox) as hardcoded in stealers.
No traffic index; low-profile but established infra.

Web Reputation

5/91 antivirus engines flag as malicious; clean on browser blocklists and sandbox.
One scam report from PhishDestroy calls it brand impersonation (score 66/100), but contradicts official status.
No complaints or positive reviews found.

Risk Factors

Five antivirus engines (ADMINUSLabs, CyRadar, Dr.Web, ESET, Fortinet) flag the page as malicious or malware.
Exact path /nwwfh8 hardcoded in multiple malware analysis reports from stealers and phishing kits.
Hosting IP has 35 abuse reports and medium abuse score.
PhishDestroy flags telegram.me as high-risk brand impersonation.
No contact details or social proof on the page.

Positive Signals

Hosted on official Telegram IP range (149.154.167.99) and domain registered since 2014.
Valid GoDaddy SSL certificate.
Clean on browser blocklists and our sandbox analysis.
Referenced in official Telegram documentation for username links.
No scam family matches or clone indicators.

AI Recommendation

Do not contact @nwwfh8 unless you recognize and trust the user, as the link appears in malware. Use official Telegram apps directly and enable two-factor authentication.

Next-gen fraud intelligence

Evidence-backedCross-checked

Website Preview

LIVE RENDER

telegram.me

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for telegram.me, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Business registration

No public record found

Could not match the site to a registered company — common for small sites.

Clone check

Not a clone

No well-known site's layout or branding detected here.

Typosquat check

No look-alike match

The domain doesn't resemble any well-known brand's spelling.

Web mentions

1 scam report

Key findings

6 headline facts from open-web research

telegram.me registered on 2014-01-07 via GoDaddy, privacy protected, nameservers ns-cloud-d*.googledomains.com.
Resolves to IP 149.154.167.99 in Telegram Messenger Network range (149.154.164.0/22).
Official Telegram domain for username links (e.g., telegram.me/username), confirmed in Telegram.org blog post: 'https://telegram.me/your_bot?start=value'.
Specific path telegram.me/nwwfh8 appears in multiple malware analysis reports (e.g., any.run, JoeSandbox) as hardcoded URL in stealers and phishing payloads.
Flagged by PhishDestroy as high-risk (66/100) brand impersonation, but domain age (2014) contradicts their reported registration date (2026), suggesting possible error.
No widespread scam reports or complaints directly targeting the domain; most 'telegram.me' mentions relate to legitimate use or scam instructions on Telegram app.

Scam reports (1)

Direct quotes from public scam databases, forums, and news.

PhishDestroyopen
"telegram.me is flagged as a brand impersonation targeting Telegram users, with a page titled "Telegram Messenger" designed to mislead users into divulging sensitive information or downloading malicious content."

Research summary

Narrative write-up from our AI analyst, grounded on the facts above

Our research found one scam report from PhishDestroy flagging telegram.me as brand impersonation targeting Telegram users, though it notes a possible error in registration date. The specific /nwwfh8 path appears in malware sandboxes like any.run and JoeSandbox. No complaints, positive reviews, or business registrations found; most mentions relate to legitimate Telegram use.

Antivirus Engines

Detection matrix · live

5 engines flagged this URL

We cross-check every URL against our antivirus network of 91 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

5Malicious0Suspicious55Harmless91Engines

of 91

ADMINUSLabs

Malicious· malicious

CyRadar

Malicious· malware

Dr.Web

Malicious· malicious

ESET

Malicious· malware

Fortinet

Malicious· malware

5 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check

Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Sandbox Render

Page rendered in a safe sandbox

Requests made2

Unique IPs0

Countries1

Detected brandsNone

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found

No clear contact details on the page

Emails on site's domainNone

Phone numbersNone

Postal addressNot listed

Linked social profiles0

Signal Summary

Several contact red flags

No contact email found anywhere on the page.
No phone number listed on the page.
No postal address visible on the page.

Domain & Encryption

Encryption Certificate

StatusValid

ProtocolTLSv1.3

IssuerGoDaddy.com, Inc. · Go Daddy Secure Certificate Authority - G2

ExpiresOct 21, 2026 (177d)

Self-signedNo

Hosting & Technology

HostingTelegram Messenger Network

Server locationNL

Redirect Chain

Hops

Cross-domain

Lookalike

Punycode

1301http://telegram.me/nwwfh8
2200https://telegram.me/nwwfh8

Server Reputation

Hosting

CountryNetherlands

NetworkTelegram Telegram Messenger Inc, VG

IP address2001:67c:4e8:f004::9

Abuse Intelligence

Confidence score20%

Reports on file35

ISPTelegram Messenger Network

Usage typeData Center/Web Hosting/Transit

Scam-Type Likelihood

1 scam-type patterns detected

Scam-Type Likelihood

0 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Phishing

Phishing

Low-level signals

0/100

AI analyst tagged this as phishing.

Scam-Type Likelihood

0 of 13 categories showed signals

Top match: Phishing

Phishing

Low-level signals

0/100

AI analyst tagged this as phishing.

Phishing site — act fast

This page shows signs of attempting to steal credentials or impersonate a trusted brand.

Do not interact with telegram.me
Do not enter credentials, deposit money, download files, or install browser extensions from this site.
If you already typed your password — change it now
Change the password on the legitimate site and anywhere else you re-used it. Turn on two-factor authentication. Review recent account activity.
Report the phishing URL
APWG (Anti-Phishing Working Group) accepts phishing reports at reportphishing@apwg.org. Google Safe Browsing reports help protect other users.
Open
Get help on the forum
MalwareTips members can help you assess damage and next steps.
Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing

Not listedCheck ↗

VirusTotal

ListedCheck ↗

AbuseIPDB

Not listedCheck ↗

Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

telegram.org resolve

Safety FAQ

Common questions about this site, answered from the scan data on this page. These are auto-generated — not hand-written — so they always match the underlying report.

Our automated security review flags telegram.me as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.

Final Verdict

Trust / 100

Final Verdict·telegram.me

DANGEROUS

This is an official Telegram page for contacting the username @nwwfh8. Multiple antivirus engines flag it as malicious, and the specific path appears in malware analysis reports. Avoid clicking unless you know and trust this Telegram user.

Do not contact @nwwfh8 unless you recognize and trust the user, as the link appears in malware. Use official Telegram apps directly and enable two-factor authentication.

AV engines

MT passes

Net signals

Scan another URL

Security review completemalwaretips.com/url-scan

Recently scanned

Other Dangerous reports

Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…

Loading comments…

Scanned by

harlan4096Staff

This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.