staemconmumity.click

https://staemconmumity.click/gift

62.60.226.105 · Femo IT Solutions Limited

Location

Frankfurt am Main, Germany

Domain Age

7 days ⚠

HTTP

200 · 31.3s

SSL

Valid· R12, Let's Encrypt, US

Status

COMPLETED

Visual Evidence

Zoom

Title: "Steam Gift Activation"

Save

Domain Intelligence: staemconmumity.click

Scanned 5 times since Feb 22, 2026, 09:06 AM UTC

✗ Critical (100)

Take this site down

Report to 50+ vendors instantly

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

Steam

Credential Phishing

technology | ecommerce | finance | cryptocurrency | gaming · 4/5/2026

Summary

This domain staemconmumity.click is impersonating Steam. The page title Steam Gift Activation and visual branding mimic Steam's UI, while the domain is a new, suspicious .click TLD. The site uses SPA-like behavior to render credential capture and posts data to an in-domain endpoint, indicating attempts to harvest account credentials under a Steam-themed façade.

Attack Techniques (5)

Brand impersonation via page title and visuals resembling SteamTyposquatting/brand-mimic domain with deceptive similarity to Steam (staemconmumity.click vs steamcommunity or steam domain family)Single-Page Application (SPA) style page rendering credential form via JavaScript (static HTML has 0 forms)Inclusion of official Steam assets and scripts loaded from Steam/fastly domains to appear legitimateCredential collection endpoint via in-domain POST request (POST to staemconmumity.click/754e2d58790254025f0446)

Indicators of Compromise (6)

▸DOMAIN: staemconmumity.click (high-risk new domain, 7 days old)

▸PAGE TITLE: Steam Gift Activation (impersonation of Steam)

▸POST endpoints: https://staemconmumity.click/754e2d58790254025f0446

▸Network requests include Steam assets loaded from store.fastly.steamstatic.com and steamstatic.com domains, signaling cloning of Steam UI

▸SSL cert: Let's Encrypt, issued 2026-02-14 (very new) for staemconmumity.click

▸Domain age 7 days; TLD .click (suspicious for impersonation)

Risk AssessmentUsed in abuse reports

The page is a deliberate impersonation of Steam, leveraging a newly registered .click domain and a Steam-themed UI to harvest credentials. The site mirrors Steam branding in the title and loads Steam assets to appear legitimate, while the domain is unrelated to Valve/Steam. The SPA structure with dynamic credential capture and in-domain POSTs presents a high risk of credential theft. The SSL certificate is recently issued by Let's Encrypt, which is common for phishing but does not mitigate risk; combined with a seven-day domain and suspicious TLD, this is a high-confidence abuse case requiring urgent takedown and suspension actions. Evidence includes: impersonated page title (Steam Gift Activation), SPAs with dynamic forms, in-domain POST to a suspicious endpoint, and new domain with WHOIS showing recent creation and low age; these collectively indicate active credential harvesting.

Recommended Action

Monitor

Cross-Reference8

URL Intelligence