# app-clawdbotatg.xyz — SUSPICIOUS > PhishDestroy identifies app-clawdbotatg.xyz as a rogue site luring users with a bogus claw-machine bot installer. Created March 25 2026 and served from 172.67. ## Summary PhishDestroy rates app-clawdbotatg.xyz at an active investigation status with threat classification generic_phishing. The domain was registered through Dynadot LLC on March 25, 2026 and resolves to IP address 172.67.180.100. VirusTotal currently shows 0 detections out of 95 scanners, indicating that signature-based engines have not yet flagged the payload. The domain holds a valid Let's Encrypt SSL certificate, which may be used to disguise malicious traffic as legitimate HTTPS sessions. As of this review the domain has not yet appeared on any public blocklists, but the combination of recent creation and low detection rate suggests it is actively distributing a fraudulent ‘claw machine bot' installer aimed at harvesting user credentials or payment details. Technical indicators include registration via Dynadot LLC, hosting IP 172.67.180.100, a Let's Encrypt SSL certificate, and a domain creation timestamp of March 25, 2026. Current VirusTotal coverage is 0/95 detections, and the domain remains absent from most threat-intel feeds. These attributes align with a staged phishing campaign designed to trick gamers into downloading counterfeit automation tools that exfiltrate sensitive account information. To mitigate risk, users should avoid downloading files from app-clawdbotatg.xyz or clicking any links on the site. If a download was initiated, disconnect from the internet immediately, run a full antivirus scan, and rotate any reused passwords. Block the domain at DNS level with a sinkhole or firewall rule targeting 172.67.180.100. Report the domain to your email provider and to abuse contacts at Dynadot LLC and Let's Encrypt to hasten takedown. Monitor financial accounts for unauthorized transactions for at least 30 days following any potential exposure. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-25 04:00:15 - Registrar: Dynadot LLC - IP: 172.67.180.100 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/aacf5f9b-b9f6-4022-816f-159aae7e8147 - PhishDestroy: https://phishdestroy.io/domain/app-clawdbotatg.xyz/ - LLM endpoint: https://phishdestroy.io/domain/app-clawdbotatg.xyz/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/app-clawdbotatg.xyz/ Last updated: 2026-03-29