# nomankhan5667.github.io — MALICIOUS

> nomankhan5667.github.io is a generic phishing domain flagged by 17 out of 95 VirusTotal vendors. Users should avoid this active GitHub-hosted site.

## Summary
nomankhan5667.github.io is currently rated at an elevated risk level due to its active engagement in generic phishing attacks. The domain is designed to deceive users by masquerading as legitimate web content to steal sensitive information.

This domain resolves to IP address 185.199.111.153 and is registered through GitHub, Inc. It utilizes a Let's Encrypt SSL certificate. VirusTotal analysis flags it as malicious by 17 out of 95 security vendors. It appears on one security blocklist and is also blocked by OpenPhish, further validating its threat status.

To mitigate risks from this phishing threat, users should avoid interacting with nomankhan5667.github.io and similar GitHub-hosted domains unless fully verified. Organizations should implement email and web filtering to block access to this domain, educate users about generic phishing tactics, and monitor for related cybersecurity events.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.111.153

## Detection Status
- VirusTotal: 17 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OpenPhish"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/de071340-cdbb-4959-b716-6813e8fbbb07
- PhishDestroy: https://phishdestroy.io/domain/nomankhan5667.github.io/
- LLM endpoint: https://phishdestroy.io/domain/nomankhan5667.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/nomankhan5667.github.io/
Last updated: 2026-03-27