personal-run-388667.framer[.]app
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of personal-run-388667.framer[.]app
This domain appears to be a page hosted on Framer's app subdomain rather than an official standalone corporate website. The page title and screenshot indicate that it is presenting itself as a "Spectrum Webmail" login page for TWC, Roadrunner, and RR email users, with branding and wording associated with Charter Communications' Spectrum service.
Based on the visible content, the page's purpose appears to be collecting email login credentials through a webmail sign-in form. However, the domain name personal-run-388667.framer[.]app does not match Spectrum's expected brand domain structure, and the page is built on a generic site-builder hosting platform. That combination may indicate that the page is imitating a telecom/webmail login experience rather than operating as an official customer portal.
The site appears to be operated through Framer-hosted infrastructure, but the branding shown on the page suggests an attempt to represent Spectrum services. Based on the available data, there is no clear indication that Charter Communications directly operates this specific Framer subdomain.
Safety Assessment for personal-run-388667.framer[.]app
This website was flagged by 21 out of 91 security engines at the time of the scan, with many detections describing it as phishing or otherwise malicious. In addition, one threat database listing was present, and the malware scan marked the page and related resources as suspicious. While some hosted assets on site-builder platforms can trigger generic alerts, the volume and consistency of the phishing-related detections materially increase concern.
The page content also raises significant credibility issues. The screenshot shows a Spectrum-branded webmail login form, but it is hosted on a random-looking framer.app subdomain rather than an apparent official Spectrum-owned domain. It also references an external domain, spectrumlogin-webmail.net, which further suggests the page may be attempting to mimic a legitimate telecom login workflow. This mismatch between branding and hosting context is commonly associated with credential-harvesting pages.
Although one blacklist source reported the site as clean and a major browsing-protection database did not list it at the time of this scan, the broader scan results and the visible impersonation cues outweigh those cleaner signals. Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site uses a valid Let's Encrypt SSL certificate and is served from Framer-hosted infrastructure in Amsterdam, Netherlands, with the web server identifying as Framer. HTTPS availability indicates encrypted transport, but it should not be treated as proof of legitimacy because phishing pages also commonly use valid TLS certificates. DNSSEC appears to be unsigned.
The domain itself is a subdomain under framer.app and appears to rely on Framer and framerusercontent.com resources for scripts, images, and page assets. The malware scan flagged the main page and multiple linked resources as suspicious, though many of those resources are standard Framer-hosted components. The more notable technical concern is not the TLS setup but the mismatch between the hosted subdomain and the branded login experience it presents.
Share your experience with this website. Was it safe? Did you encounter any issues?