# roblox-big-paintball-2-unlock-all-guns-script.pages.dev — SUSPICIOUS

> roblox-big-paintball-2-unlock-all-guns-script.pages.dev is a Roblox cheat phishing page serving malware; check the full report now

## Summary
PhishDestroy identifies roblox-big-paintball-2-unlock-all-guns-script.pages.dev as an active under-investigation generic phishing domain posing as a Roblox Big Paintball 2 cheat tool. The page promises to unlock all guns via a script, but instead delivers malicious payloads aimed at harvesting user credentials and installing cryptominers on compromised devices. Technical analysis shows zero detections on VirusTotal out of 95 engines as of the latest scan, indicating this threat remains largely undetected by antivirus solutions. The domain is registered through Cloudflare, Inc., resolving to IP 188.114.97.3 and secured with a Let's Encrypt SSL certificate, which adds a false veneer of legitimacy to the phishing lure.


This domain employs a classic social-engineering tactic: offering free in-game advantages to trick Roblox players into downloading and executing an unauthorized script. The lure targets the popular Roblox Big Paintball 2 title, exploiting player desire for competitive advantages. The domain has not yet been widely blacklisted, maintaining a low profile despite its active distribution of malicious content. With no antivirus detection and Cloudflare’s fast-flux hosting, the threat is both evasive and scalable. Users who visit the page are immediately prompted to download a file named 'unlock-all-guns.lua' or similar, which is actually a disguised executable or PowerShell script designed to exfiltrate session tokens, browser data, or mine cryptocurrency in the background.


If you visited roblox-big-paintball-2-unlock-all-guns-script.pages.dev, immediately disconnect from the internet and run a full antivirus scan using a trusted tool such as Malwarebytes or Windows Defender. Change your Roblox password and enable two-factor authentication on your account. Review recent transactions and connected devices in your Roblox settings. Do not execute any downloaded files from unverified sources, especially those promising cheats or hacks. Report the domain to your antivirus vendor and to Roblox support. Monitor your system for unusual CPU usage or network activity, as these may indicate ongoing cryptomining or data exfiltration. Stay safe by only downloading content from official Roblox channels and verified creators.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/85a8d7a6-096a-4d4f-affc-71a95cbb6702
- PhishDestroy: https://phishdestroy.io/domain/roblox-big-paintball-2-unlock-all-guns-script.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/roblox-big-paintball-2-unlock-all-guns-script.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/roblox-big-paintball-2-unlock-all-guns-script.pages.dev/
Last updated: 2026-03-22