quan2.invoice-ads-manager[.]com
Category: Suspicious
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of quan2.invoice-ads-manager[.]com
This domain appears to host a page designed to resemble Meta's account or privacy-related interfaces. The page title and meta description reference "Accounts Centre" and "Meta Accounts Centre," while the screenshot shows branding such as "Meta Privacy Centre" and a "Meta Agency Partner Program" invitation flow. Based on the visible content, the site appears intended to persuade visitors that they are interacting with an official Meta/Facebook business or account-management page.
The domain itself, quan2.invoice-ads-manager[.]com, does not appear to be an official Meta-owned domain. Its structure combines generic business-related terms such as "invoice" and "ads manager," which may be intended to sound plausible to advertisers or page administrators. The presence of Facebook-related assets and Meta-themed wording suggests the page may be targeting users who manage social media advertising accounts or business pages.
Safety Assessment for quan2.invoice-ads-manager[.]com
This website shows multiple risk indicators at the time of this scan. It was flagged by 21 out of 92 security engines, and several web-classification sources categorized it as phishing, fraud-related, or malware-associated. In addition, the screenshot and metadata indicate that the page closely imitates Meta/Facebook branding while operating from a non-official domain, which may be consistent with credential harvesting or account takeover attempts.
Although one malware scan reported no flagged files and several blacklist databases were clean at the time of this scan, those signals do not outweigh the broader pattern of concern. The domain is also extremely new, with an age of about 15 days, and it is not ranked among widely visited sites. A newly registered domain that imitates a major platform's account-management experience may present elevated risk even when some blacklist sources have not yet listed it.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site uses a valid TLS certificate issued by a mainstream certificate authority, and it is served through Cloudflare infrastructure on IP address 172.66.0.96. This means the connection may be encrypted in transit, but encryption alone does not verify that the operator is legitimate. The domain's DNSSEC status is unsigned, and the nameservers are provided by the registrar.
From an infrastructure perspective, the site appears to use a modern JavaScript web application stack with Next.js-style static asset paths. No malicious files were identified in the limited file scan provided, and no flagged external links or iframes were reported. However, the main technical concern is not the transport layer but the apparent impersonation of a well-known brand on a very recently created domain.
Share your experience with this website. Was it safe? Did you encounter any issues?