EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

Screenshot of www.roblox.com.ml

Detection Info

https://www.roblox.com.ml/users/7914466444/profile
Detected Brand
Roblox
Country
International
Confidence
100%
HTTP Status
200
Report ID
2aba286d-7e0…
Analyzed
2026-01-24 11:59

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1A583437292542437657B79CAF064671EA2D3C70FCA8346E1A6F8D39A0FD6CD1E82344E
CONTENT ssdeep
1536:1I7XWn9rLtZ+zmJSCfvYuOHev8ZO7Hu7Hk7Hw7Hj7Hk7Hs7Hx7Hr7Hx7Ht7HA7HX:e7XWltZ5ggAuOQ7O7E7Q7D7E7M7R7L7G

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
b2475361cd9ccc3c
VISUAL aHash
0000c7ffc3c3cfff
VISUAL dHash
c8c82630161e1c1e
VISUAL wHash
0000c3dfc3c3c7ff
VISUAL colorHash
072000100c0
VISUAL cropResistant
c8c82630161e1c1e,d7829a8797d65656

Code Analysis

Risk Score 100/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Roblox credential harvesting phishing attack
• Target: Roblox users
• Method: Fake Roblox webpage with a search form to steal credentials
• Exfil: Unknown (JavaScript form submission suggests exfiltration via JS)
• Indicators: Non-official domain, country code TLD (.ml), obfuscated JavaScript, form submission, /search form action.
• Risk: HIGH - Credential theft via fake form submission.

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

  • atob
  • eval
  • fromCharCode
  • unescape
  • hex_escape
  • unicode_escape
  • js_packer
  • base64_strings

🎯 Kit Endpoints

  • /catalog/1018554668
  • https://www.roblox.com/catalog/130373407996664/null
  • https://www.roblox.com/catalog/119324659496207/null
  • /catalog
  • https://www.roblox.com/catalog/101973802344319/null
  • /catalog/17577949104
  • https://www.roblox.com.ml/info/blog?locale=en_us
  • https://www.roblox.com.ml/catalog?CatalogContext=1&Keyword=
  • https://www.roblox.com/catalog/89237729550175/null
  • https://www.roblox.com/catalog/17577949104/null
  • https://www.roblox.com/catalog/83937116921114/null
  • https://www.roblox.com/catalog/754635032/null
  • https://www.roblox.com/catalog/117317967384424/null
  • /catalog/754636298
  • https://www.roblox.com/catalog/85064148890099/null
  • https://www.roblox.com/catalog/94207363838124/null
  • https://www.roblox.com/catalog/80833625256085/null
  • https://www.roblox.com/catalog/118275098142282/null
  • https://www.roblox.com/catalog/107876906334794/null
  • https://www.roblox.com/catalog/14618207727/null
  • https://www.roblox.com/catalog/98956234122192/null
  • https://www.roblox.com/catalog/131703345498519/null
  • https://www.roblox.com/catalog/78976375647565/null
  • https://www.roblox.com/catalog/115745153758680/null
  • https://www.roblox.com/catalog/180660043/null
  • /catalog/180660043
  • https://www.roblox.com/catalog/439946249/null
  • https://www.roblox.com/catalog/1018554668/null
  • https://www.roblox.com/catalog/126593702468420/null
  • https://www.roblox.com/catalog/128229714658278/null
  • https://www.roblox.com/catalog/128475661806875/null
  • https://www.roblox.com/catalog/79787792047425/null
  • https://www.roblox.com/catalog/754636298/null
  • https://www.roblox.com/catalog/129760801107314/null
  • /catalog/439946249
  • https://www.roblox.com/catalog/18538150608/null
  • https://www.roblox.com/catalog/111430303117901/null
  • /catalog/18538150608
  • /catalog/14618207727
  • https://www.roblox.com/catalog/93265465812875/null
  • https://www.roblox.com/catalog/104320169195865/null
  • /login?returnUrl=6478373050472226
  • /catalog/754635032

📡 API Calls Detected

  • https://help.roblox.com/hc/articles/30428367965460
  • POST
  • https://ro.blox.com/Ebh5?
  • get
  • GET
  • babylonjs
  • https://apis.

📤 Form Action Targets

  • /search

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Roblox
https://www.robiox.com.ps/users/6640398912/profile
Jun 29, 2026

Scan History for www.roblox.com.ml

Found 10 other scans for this domain

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.