# comcastlogin.framer.website — MALICIOUS

> comcastlogin.framer.website impersonates Xfinity and poses a high risk. Stay alert and avoid entering credentials on this suspicious domain.

## Summary
PhishDestroy identifies comcastlogin.framer.website as a high-risk brand impersonation domain targeting Xfinity users. This fraudulent site mimics the official Xfinity login page to trick visitors into revealing sensitive login credentials, potentially leading to identity theft or unauthorized account access.

The domain was registered on November 19, 2021, through CSC Corporate Domains, Inc., and resolves to the IP address 52.223.52.2. It appears on one security blocklist, and 11 out of 95 security vendors on VirusTotal have flagged it as malicious. The site is currently offline, which helps reduce immediate risk but does not erase the potential threat posed while active.

Users should remain vigilant and avoid interacting with comcastlogin.framer.website or sharing any personal information. Always verify the URL before entering credentials, use official channels to access Xfinity services, and consider enabling multi-factor authentication on your accounts to enhance security.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 404)
- Target brand: Xfinity
- Page title: Xfinity Sign In

## Domain Intelligence
- Registered: 2021-11-19 00:00:00
- Expires: 2026-11-19 00:00:00
- Registrar: CSC Corporate Domains, Inc.
- Country: US
- IP: 52.223.52.2
- IP Country: US
- IP City: Seattle
- IP Org: AS16509 Amazon.com, Inc.
- Nameservers: ns-1243.awsdns-27.org ns-1818.awsdns-35.co.uk ns-336.awsdns-42.com ns-792.awsdns-35.net
- SSL Issuer: Let's Encrypt / E7

## Detection Status
- VirusTotal: 11 vendors flagged
  Vendors: ["Criminal IP", "alphaMountain.ai", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Gridinsoft", "Kaspersky", "Lionic", "MalwareURL", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b5fd8-b637-72d8-a320-1c64bf2210a3.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/b2590baf-9588-4ed2-ace3-6b0d61445174
- Wayback Machine: https://web.archive.org/web/https://comcastlogin.framer.website
- PhishDestroy: https://phishdestroy.io/domain/comcastlogin.framer.website/
- LLM endpoint: https://phishdestroy.io/domain/comcastlogin.framer.website/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/comcastlogin.framer.website/
Last updated: 2026-03-19