New Registrations
Steam phishing domains
Newly registered lookalikes - tracked daily
Steam phishing domains
Newly registered lookalikes - tracked daily
Tracked (7d)
6
New (24h)
2
vs avg
—
Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.
| Last check (UTC) | First seen (UTC) ▾ | URL | Screenshot | Flags | Details |
|---|---|---|---|---|---|
| 2026-06-30 02:01 | 2026-06-30 02:01 | ![]() |
Details | ||
| 2026-06-30 02:01 | 2026-06-30 02:01 | ![]() |
Details | ||
| 2026-06-25 02:32 | 2026-06-25 02:32 | ![]() |
Details | ||
| 2026-06-25 02:32 | 2026-06-25 02:32 | ![]() |
Details | ||
| 2026-06-24 01:52 | 2026-06-24 01:52 | ![]() |
Details | ||
| 2026-06-23 03:04 | 2026-06-23 03:04 | ![]() |
Details |
Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.
| URL | Screenshot | Details |
|---|---|---|
| https://steamcommunity-xerry.…
|
![]() |
Details |
| https://steamcommunity-herry.…
|
![]() |
Details |
| https://steamcommunity.run
|
![]() |
Details |
| https://steam-wallet.com
|
![]() |
Details |
| https://steamcommunityg.com
|
![]() |
Details |
| https://www-steamcommunity.com
|
![]() |
Details |
AIHow to verify a real Steam URL
- Legitimate Steam URLs always end in
store.steampowered.com(e.g.www.store.steampowered.com,account.store.steampowered.com). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like.xyz/.top/.vip— is not Steam. - The domains listed above were registered within the last 7 days. New-domain age is itself a signal — Steam has owned
store.steampowered.comfor years; brand-new look-alikes are almost never legitimate. - If you got the link from email, SMS, or social media, do not click it. Open
store.steampowered.comfrom your browser bookmark or type the domain manually. - Real Steam pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.





