diplomatic-colors-302626.framer.app
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of diplomatic-colors-302626.framer.app
This domain appears to be a page hosted on Framer, a website-building and publishing platform. The metadata is generic ("My Framer Site" / "Made with Framer"), which suggests the page may be a quickly deployed or minimally customized project rather than a fully branded standalone website. The screenshot shows a login-style interface labeled "Zimbra" and "Connexion," indicating that the page may be presenting itself as a webmail or account sign-in portal.
Based on the visible content, the site does not appear to function as a general informational website or business homepage. Instead, it seems focused on collecting user credentials through a simple username-and-password form. Because it is hosted under a platform subdomain rather than an obvious official mail-service domain, the page may be intended to imitate or replicate a third-party login experience.
Safety Assessment for diplomatic-colors-302626.framer.app
Scan results show that 2 out of 91 security engines flagged this URL at the time of the scan, both identifying it as phishing-related. In addition, the page screenshot shows a login form branded as "Zimbra," while the actual domain is an unrelated Framer subdomain. That mismatch is a meaningful warning sign because the site may be attempting to resemble a legitimate email login page without using an official domain associated with that service.
A separate malware scan marked the page and several linked Framer-hosted resources as suspicious, although those detections appear to be generic heuristic findings rather than named malware-family identifications. Blacklist and threat-database checks were otherwise clean at the time of the scan, and no DNS-based blocklist listings were reported. Even so, clean blacklist status does not outweigh the phishing detections and the credential-collection appearance of the page.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site uses a valid Let's Encrypt SSL certificate and is hosted on Framer infrastructure in Amsterdam, with the web server identified as Framer/31fe488. The domain has been active for several years, but this is a platform-hosted subdomain rather than a dedicated standalone domain, which can make rapid deployment easier for both legitimate users and abusive campaigns.
DNSSEC appears to be unsigned, which is common but provides less DNS integrity assurance than a signed configuration. The page loads multiple JavaScript and image assets from framerusercontent.com, consistent with Framer-hosted sites. The main technical concern here is not the TLS setup itself, but the apparent use of a generic hosted page to present a third-party-branded login form.
Share your experience with this website. Was it safe? Did you encounter any issues?