# iconomiteilg.com — MALICIOUS

> iconomiteilg.com is identified as a high-risk phishing domain. Avoid access and stay protected. Check domain safety before visiting.

## Summary
PhishDestroy identifies iconomiteilg.com as a generic phishing threat established on February 23, 2026. This domain was created with the intent to deceive users, potentially to capture sensitive information or credentials through fraudulent means. Given its classification as a high-risk entity, users should exercise caution and avoid interactions with this domain to mitigate potential security risks.

The domain resolves to IP address 185.107.44.123 and was registered via NICENIC INTERNATIONAL GROUP CO., LIMITED, which has been associated with multiple suspicious domain registrations. iconomiteilg.com has been flagged by 20 out of 95 security vendors on VirusTotal and appears on 4 separate security blocklists. This combination of technical indicators strongly suggests an active involvement in phishing campaigns or other malicious activities designed to exploit victims.

Currently, iconomiteilg.com is offline, indicating that either the hosting provider or domain registrar has taken action to disrupt its malicious use. Despite this, PhishDestroy recommends continuous monitoring of any resurgence or similar domain variants. Users and organizations should implement defensive measures such as domain blocking and phishing awareness training to guard against future threats related to this domain or associated infrastructure.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: Iconomiteilg | Official Website Platform

## Domain Intelligence
- Registered: 2026-03-06 15:07:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 185.107.44.123
- IP Country: NL
- IP City: Roosendaal
- IP Org: AS43350 NForce Entertainment B.V.
- Nameservers: ["brit.ns.cloudflare.com", "damiete.ns.cloudflare.com"]
- SSL Issuer: none

## Detection Status
- VirusTotal: 17 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "Cluster25", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "G-Data", "Kaspersky", "Lionic", "Netcraft", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/cX8mn82F/c56344d05c43.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/iconomiteilg.com
- Wayback Machine: https://web.archive.org/web/https://iconomiteilg.com
- PhishDestroy: https://phishdestroy.io/domain/iconomiteilg.com/
- LLM endpoint: https://phishdestroy.io/domain/iconomiteilg.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/iconomiteilg.com/
Last updated: 2026-03-19