# kicomarket.live — MALICIOUS

> kicomarket.live flagged for generic phishing with high risk. Now offline after appearing on security blocklists and threat intelligence.

## Summary
PhishDestroy identifies kicomarket.live as a high-risk domain associated with generic phishing activities. Registered on June 2, 2025, through Dominet (HK) Limited, this domain has quickly become a source of concern within cybersecurity circles due to its malicious intent. The domain's classification reflects typical phishing behavior targeting unsuspecting users for credential theft or fraud.

Technical analysis reveals that kicomarket.live resolves to IP address 188.114.97.3 and has attracted attention from 15 out of 95 security vendors on VirusTotal, indicating a substantial risk profile. Furthermore, the domain appears on at least one security blocklist and has been observed in an AlienVault OTX threat pulse, reinforcing its association with malicious infrastructure. Attempts to access the domain result in a '522: Connection timed out' error, indicating server unavailability.

Currently, kicomarket.live is offline, following detection and listing by cybersecurity entities. This status prevents further user access, mitigating ongoing phishing threats linked to the domain. Continued monitoring is recommended, as threat actors often reuse domains or IPs connected to phishing campaigns. Users and network defenders should maintain vigilance and block related indicators to reduce exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: kicomarket.live | 522: Connection timed out

## Domain Intelligence
- Registered: 2025-06-02 00:00:00
- Expires: 2026-06-02 00:00:00
- Registrar: Dominet (HK) Limited
- Country: HK
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: jacqueline.ns.cloudflare.com watson.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "Cluster25", "CRDF", "CyRadar", "ESET", "Fortinet", "G-Data", "Kaspersky", "Lionic", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a8111-6fb0-745f-99d8-1ffee97050b4.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/383f361f-8798-4b2b-9963-9cb215cf614f
- Wayback Machine: https://web.archive.org/web/https://kicomarket.live
- PhishDestroy: https://phishdestroy.io/domain/kicomarket.live/
- LLM endpoint: https://phishdestroy.io/domain/kicomarket.live/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kicomarket.live/
Last updated: 2026-03-19