# openclawaix.fun — SUSPICIOUS > PhishDestroy identifies openclawaix.fun as a high-risk fake claw machine scam site, with VirusTotal flagged by 1/95 vendors. Read the full report. ## Summary PhishDestroy has identified openclawaix.fun as an active phishing domain engaged in a specific form of deception: impersonating online claw machine games to steal user credentials and payment details. This domain poses an elevated risk due to its recent creation and association with fraudulent activities. VirusTotal reports that only 1 out of 95 security vendors currently flag this domain, despite its malicious intent. The domain resolves to IP address 172.67.176.17 and was created on April 01, 2026, which is alarmingly recent and suggests a hastily deployed operation. It is registered through PDR Ltd. d/b/a PublicDomainRegistry.com and utilizes a free Let’s Encrypt SSL certificate to appear legitimate. These details collectively highlight a domain that is actively evolving in response to security measures. The timing of the domain’s creation and registration through a bulk domain provider raises immediate concerns about its legitimacy. The low detection rate on VirusTotal indicates that many security solutions have not yet identified the threat, leaving users exposed. The use of a legitimate-looking SSL certificate further enhances its deceptive appeal. Given the domain’s specific purpose—mimicking claw machine games to capture user data or financial information—it is crucial for users to avoid interaction and for organizations to update their threat intelligence feeds to include this domain for proactive blocking. Mitigation steps include: 1) Immediately blocking the domain openclawaix.fun and the associated IP address 172.67.176.17 at the network level; 2) Educating users about the risks of interacting with gaming-related phishing sites, especially those offering unrealistic prizes or requiring sensitive information; 3) Reporting the domain to relevant cybersecurity platforms, such as VirusTotal, PhishTank, or the Anti-Phishing Working Group, to increase its detection rate and warn others; 4) Monitoring for any variations of this domain, as threat actors often create similar domains to bypass defenses; and 5) Ensuring that endpoint protection solutions are updated to detect and block this domain. Users should treat any unsolicited messages or links related to claw machine games as suspicious and verify the legitimacy of the website through official channels before engaging. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-04-01 11:41:17 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - IP: 172.67.176.17 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/9c9e84d6-72f9-434f-bf80-13bbc4981504 - PhishDestroy: https://phishdestroy.io/domain/openclawaix.fun/ - LLM endpoint: https://phishdestroy.io/domain/openclawaix.fun/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/openclawaix.fun/ Last updated: 2026-04-12