sincere-usability-272022.framer.app
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of sincere-usability-272022.framer.app
This domain appears to be a page hosted on Framer, a website-building and content-hosting platform. The URL structure uses a generated subdomain rather than a branded business domain, and the page title is simply "Home," which provides little identifying information about a legitimate organization behind it.
Based on the screenshot, the page presents itself as an Xfinity sign-in screen and asks visitors to enter an email, mobile number, username, and password. It also includes Xfinity-themed branding and promotional imagery, suggesting that the page may be attempting to imitate a telecommunications customer login portal rather than functioning as an independent informational website.
The site appears to be operated through Framer's hosting infrastructure rather than through an official Xfinity-owned domain. Based on the available content and branding shown, it may be intended to collect account credentials from users who believe they are signing in to a legitimate service.
Safety Assessment for sincere-usability-272022.framer.app
Multiple security signals indicate elevated risk at the time of this scan. The domain was flagged by 19 out of 91 security engines, with many of those detections classifying it as phishing or otherwise malicious. In addition, it was listed by major threat databases for social-engineering activity, and another phishing-focused database also listed the domain. The screenshot further shows a login form styled to resemble an Xfinity account page, while the actual domain is a Framer subdomain rather than an official Xfinity web address.
There is also a weaker secondary signal from mail-reputation data: the domain's IP address appears on one DNS-based blocklist. On its own, that type of listing would not be strong evidence about website content, but in this case it appears alongside broad multi-engine phishing detections and a page design that resembles a branded credential-harvesting portal. Although one malware scan reported no flagged files and only a generic heuristic note, that cleaner result is outweighed by the stronger phishing indicators and the visible impersonation pattern.
Based on these findings, this website may pose potential risks to visitors, particularly anyone asked to enter account credentials or personal information.
Technical Description
The site uses a valid Let's Encrypt SSL certificate with an expiry in September 2026, which means traffic to the page appears to be encrypted in transit. It is hosted on Framer B.V infrastructure, served by a Framer web server from an IP address geolocated to Amsterdam, Netherlands. The domain uses AWS nameservers and its WHOIS age is approximately five years, though that age reflects the framer.app subdomain's parent registration context more than proof of legitimacy for this specific hosted page.
DNSSEC appears to be unsigned, which is not uncommon but does mean DNS responses may lack an additional layer of authenticity protection. The main technical concern is not the TLS setup but the mismatch between the hosted subdomain and the branded login experience shown in the page content, combined with external phishing listings and multi-engine detections at the time of this scan.
Share your experience with this website. Was it safe? Did you encounter any issues?