# claim.humafinance.co — SUSPICIOUS

> Claim.humafinance.co is linked to crypto drainer threats. Under investigation despite no current detections. Exercise caution when visiting this domain.

## Summary
PhishDestroy identifies claim.humafinance.co as an active domain associated with crypto drainer activity, currently categorized with an under investigation risk level. The domain's behavior suggests potential cryptocurrency theft tactics, warranting close monitoring.

Supporting evidence includes the domain's recent creation date on February 26, 2026, and registration through PDR Ltd. d/b/a PublicDomainRegistry.com, a common registrar frequently abused by malicious actors. The domain resolves to IP 172.67.137.230 and has no detections flagged by VirusTotal to date, indicating it may be employing novel or stealthy techniques to evade security vendor detection.

Users should exercise caution and avoid interacting with claim.humafinance.co, especially in relation to cryptocurrency transactions or wallet access. PhishDestroy continues to track this domain’s activity and recommends blocking or monitoring it within threat intelligence frameworks until further conclusive evidence is obtained.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Page title: Just a moment...

## Domain Intelligence
- Registered: 2026-03-06 21:07:02
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 172.67.137.230
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: johnathan.ns.cloudflare.com sierra.ns.cloudflare.com
- SSL Issuer: Let's Encrypt / E8

## Detection Status
- VirusTotal: 0 vendors flagged
  Vendors: []
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc4c9-6014-713c-afa8-8c582836ae7c.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/aad81ceb-27a9-44ce-97c1-c0ed4c84e6f3
- Wayback Machine: https://web.archive.org/web/https://claim.humafinance.co
- PhishDestroy: https://phishdestroy.io/domain/claim.humafinance.co/
- LLM endpoint: https://phishdestroy.io/domain/claim.humafinance.co/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/claim.humafinance.co/
Last updated: 2026-03-19