facebook-invoice.platform-partner[.]com
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of facebook-invoice.platform-partner[.]com
This domain appears to be a subdomain under platform-partner.com using the label "facebook-invoice," which suggests it may be intended to reference billing, invoicing, or account-related communication associated with Facebook. Based on the domain structure alone, it does not appear to be an official primary domain of Meta or Facebook, and the naming pattern resembles a branded support or payment-related landing page rather than a standalone business website.
Available classification data indicates that multiple web-classification providers associate this URL with phishing or fraud-related activity. The combination of a newly registered domain, a brand-referencing subdomain, and fraud-oriented categorization suggests the page may have been set up to imitate a legitimate business process such as invoice review, account verification, or payment handling.
At the time of this scan, the visible resources were limited and included Cloudflare-related error and challenge assets, which may indicate the page was behind protective filtering or not fully accessible during inspection. Even so, the domain naming pattern and third-party categorizations provide important context for assessing its likely purpose.
Safety Assessment for facebook-invoice.platform-partner[.]com
This website shows multiple risk indicators at the time of this scan. It was flagged by 22 out of 92 security engines, and several independent web-classification sources categorized it as phishing, fraud-related, or malware-associated. That level of multi-engine agreement is a strong signal that the URL may be involved in credential theft, deceptive account notices, or other social-engineering activity.
The domain also closely resembles a Facebook-related billing or invoice page while not using an official Facebook or Meta-owned primary domain. In plain terms, it may be a look-alike designed to appear connected to a well-known brand. That concern is strengthened by the domain's very recent registration age of only 6 days, which is a common pattern for short-lived phishing infrastructure.
Although some blacklist databases and the malware page scan did not detect active malicious files at the time of inspection, those clean results do not outweigh the broader phishing consensus from security engines and classification providers. Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site was served through Cloudflare infrastructure on IP address 162.159.140.98, with a valid TLS certificate issued by Google Trust Services and expiring on 2026-08-06. The web server appears to be behind Cloudflare, which can obscure the origin server and is commonly used by both legitimate sites and abusive campaigns. DNSSEC was not enabled, as the domain was reported unsigned.
From an infrastructure perspective, the domain is extremely new, registered on 2026-05-03 through Gransy, s.r.o., and uses the registrar's nameservers. The scan observed only a small number of files and external links, mostly related to Cloudflare challenge and error-handling resources. No malicious files were detected in the limited file scan, but the combination of recent registration, brand-referencing naming, and broad phishing detections remains a notable concern at the time of this scan.
Share your experience with this website. Was it safe? Did you encounter any issues?