# neurontin-yms.com — SUSPICIOUS

> PhishDestroy warns that neurontin-yms.com is a suspected crypto drainer impersonating Neurontin; verify safety with PhishDestroy before use.

## Summary
PhishDestroy identifies neurontin-yms.com as an active domain currently under investigation for suspected generic phishing activity targeting pharmaceutical products. The domain mimics legitimate medication retailers, likely to deceive users into purchasing counterfeit or unapproved drugs. No specific brand impersonation has been confirmed, but the site operates under a suspicious registration and hosting profile that warrants heightened scrutiny.

This domain was flagged by 0 out of 95 VirusTotal vendors as of the latest scan. It was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, resolves to IP 172.67.148.38, and was created on September 02, 2020. The domain holds an SSL certificate issued by Google Trust Services, which does not guarantee legitimacy. Despite zero detections on VirusTotal, the combination of age, registrar profile, and unresolved investigation status elevates risk potential.

As of this report, neurontin-yms.com remains under active investigation. Users are strongly advised to avoid interacting with this domain, especially for any financial transactions or data entry. PhishDestroy recommends verifying the safety of any similar domain using official tools and consulting trusted sources before proceeding. Exercise extreme caution with sites offering prescription medications or financial services without verified credentials.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2020-09-02 19:49:21
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.148.38

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/6ff969d3-8529-4cf4-8218-12b53682780e
- PhishDestroy: https://phishdestroy.io/domain/neurontin-yms.com/
- LLM endpoint: https://phishdestroy.io/domain/neurontin-yms.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/neurontin-yms.com/
Last updated: 2026-03-27