# slizzybux.zabalyazid.workers.dev — SUSPICIOUS

> slizzybux.zabalyazid.workers.dev hosted a phishing page targeting Roblox users. Avoid this domain to protect your credentials and personal data.

## Summary
PhishDestroy identifies slizzybux.zabalyazid.workers.dev as a low-risk generic phishing domain impersonating Roblox gift claims. This campaign attempts to deceive users into revealing sensitive information by mimicking a popular gaming reward platform, posing a threat to personal data security.

The domain was registered through Cloudflare, Inc. on March 05, 2026, and resolved to IP 104.21.33.94 before being taken offline. VirusTotal flagged it by 2 out of 95 security vendors, and it appeared on one security blocklist. The phishing page carried the title "ROBLOX GIFT CLAIM | slizzy Edition," indicating its targeted lure.

Users should avoid interacting with this domain or any links directing to it. If you suspect you have submitted credentials or personal details, promptly change affected passwords and monitor accounts for unauthorized activity. Employ trusted security tools and blocklisted domains to reduce exposure to phishing threats.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 404)
- Page title: ROBLOX GIFT CLAIM | slizzy Edition

## Domain Intelligence
- Registered: 2026-03-05 19:07:02
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 104.21.33.94
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: NS_NOT_FOUND
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["BitDefender", "G-Data"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cbf09-ec66-736a-b5e4-a9b0d2f7cdf2.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/slizzybux.zabalyazid.workers.dev
- Wayback Machine: https://web.archive.org/web/https://slizzybux.zabalyazid.workers.dev
- PhishDestroy: https://phishdestroy.io/domain/slizzybux.zabalyazid.workers.dev/
- LLM endpoint: https://phishdestroy.io/domain/slizzybux.zabalyazid.workers.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/slizzybux.zabalyazid.workers.dev/
Last updated: 2026-03-19