clownfish-app-2y4tw.ondigitalocean[.]app
Category: Information Technology, Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of clownfish-app-2y4tw.ondigitalocean[.]app
This domain appears to host a web application presented as a Meta-branded “Accounts Centre” or “Privacy Centre” page, with content referencing a “Meta Agency Partner Program” and a participation request workflow. The page title and visual design suggest it is attempting to resemble an account-management or business onboarding interface associated with Meta/Facebook services rather than an independent informational website.
Based on the domain structure, the site is running on a subdomain of a cloud application platform rather than on an official Meta-owned domain. The content, branding cues, and references to Facebook assets indicate the page may be intended to collect user interaction under the appearance of a legitimate business or account-verification process. No evidence in the provided data suggests this is operated by Meta itself.
Safety Assessment for clownfish-app-2y4tw.ondigitalocean[.]app
Multiple risk indicators are present in this scan. The domain was flagged by 22 out of 91 security engines, and available categorization data labels it as phishing. In addition, the page content appears to imitate Meta branding while being hosted on a third-party application subdomain, which is inconsistent with how major platforms typically deliver official account-center pages. The screenshot shows a call to action inviting the visitor to “Join Meta Agency Program,” which may be used as a lure for credential theft or other social-engineering activity.
The domain also closely resembles the name of a well-known infrastructure provider and may be a look-alike, while the page itself visually resembles Meta/Facebook services. That combination can increase the likelihood of user confusion. Although the malware scan did not detect malicious files and several blacklist databases were clean at the time of this scan, phishing pages often contain little or no malware and instead rely on deceptive branding and forms.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site uses a valid TLS certificate issued by a mainstream certificate authority, with expiry shown as 2026-06-28. It is served through Cloudflare infrastructure, with the resolved IP associated with Cloudflare and nameservers also delegated to Cloudflare. DNSSEC appears to be unsigned. The hosting setup suggests a modern web application stack, and the discovered asset paths indicate a JavaScript-heavy frontend, likely built with Next.js.
From a security-review perspective, the main concern is not transport encryption but the apparent mismatch between the site’s branding and its hosting/domain context. A valid certificate and CDN-backed delivery do not by themselves establish legitimacy. The lack of MX records noted in the similarity check, the absence of ranking data, and the use of a platform subdomain for a page imitating a major brand may be relevant risk indicators.
Share your experience with this website. Was it safe? Did you encounter any issues?