EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

Screenshot of stemapoveredi.webservis.ru

Detection Info

http://stemapoveredi.webservis.ru
Detected Brand
Steam
Country
International
Confidence
100%
HTTP Status
200
Report ID
c5cbd1c3-4bf…
Analyzed
2026-01-04 01:38
Final URL (after redirects)
http://stemapoveredi.webservis.ru/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T122E2B4354065187B8343B199EE71AB0F36DA47BE9B066F1506FC0B692FD3C94CA36618
CONTENT ssdeep
768:xpamewfp156DLUtQaG2JfcRh+sjk58F1z5jQdhfqcdbhz7:xpamewfp156DItQaG2JkRh+6FF1z5jQz

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
c398e3e4e3b0b1b8
VISUAL aHash
ff3c3c3c20202020
VISUAL dHash
4971715168626848
VISUAL wHash
ff3c3d3d3c303030
VISUAL colorHash
00007000000
VISUAL cropResistant
0c1c4d4d4d4d0400,4971715168686848

Code Analysis

Risk Score 95/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Credential harvesting phishing
• Target: Steam users
• Method: Fake Steam login page stealing Steam account credentials (username, password, email, email password).
• Exfil: Data likely sent to attacker-controlled server (potentially via the login.php script indicated in the form action).
• Indicators: Domain mismatch (stemapoveredi.webservis.ru vs steampowered.com), obfuscation detected, multiple forms.
• Risk: HIGH - Immediate theft of Steam account credentials, potential for account takeover and financial loss.

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

  • eval
  • fromCharCode
  • unescape
  • document.write
  • unicode_escape
  • base64_strings

🎯 Kit Endpoints

  • https://steamcommunity.com/login/home/?goto=login%2Fhome%2F
  • https://steamcommunity-a.akamaihd.net/public/javascript/login.js?v=AlzEIxGjka1Z&l=russian
  • login.php
  • https://steamcommunity-a.akamaihd.net/public/css/skin_1/login.css?v=Lx1btH6eeqhr
  • javascript:LoginComplete();

📡 API Calls Detected

  • POST

📤 Form Action Targets

  • #
  • login.php

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Steam
http://www.color.hop.ru/
Jun 04, 2026
 Screenshot
Steam
http://www.steamcamunity.hop.ru/
May 11, 2026
 Screenshot
Steam
http://storesteampowere.bos.ru
Jan 04, 2026
 Screenshot
Steam
http://steampawered.hop.ru
Jan 03, 2026
 Screenshot
Steam
http://steamcamunity.hop.ru
Jan 03, 2026
😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.