# linkurl.pk — MALICIOUS

> linkurl.pk is a credential theft site with 18/95 VirusTotal detections. This newly registered domain (March 2026) poses immediate risk.

## Summary
PhishDestroy identifies linkurl.pk as an active credential theft domain that has been flagged by 18 out of 95 security vendors on VirusTotal. This domain was created on March 16, 2026, and resolves to IP address 91.240.21.6. The presence of a Let's Encrypt SSL certificate suggests an attempt to appear legitimate, but the overwhelming security vendor detections indicate malicious intent. Given its recent registration and high detection rate, this domain represents an elevated risk and should be treated as hostile.  The domain's technical indicators, including its low reputation due to the recent creation date and high VirusTotal detection rate, strongly suggest it is being used for credential theft. Specifically, this site is likely designed to mimic a legitimate service to trick users into entering login credentials, which are then harvested by threat actors. The use of a Let's Encrypt SSL certificate is a common tactic to evade browser warnings and build false trust. Additionally, the IP address 91.240.21.6 has been associated with malicious activities in the past, further corroborating the threat assessment. The domain’s categorization under brand impersonation or credential theft is supported by the high detection rate and the lack of legitimate use cases.  If you have visited linkurl.pk or entered any credentials, immediately change your passwords for any accounts where you reused the same credentials. Use a password manager to generate and store unique passwords for each account. Run a malware scan on your device using reputable antivirus software to check for any potential infections. Report the domain to your organization’s security team or to PhishDestroy for further analysis. Avoid interacting with this domain in the future, and ensure your browser’s security extensions are enabled to block access to known malicious sites. Staying vigilant and verifying the legitimacy of websites before entering sensitive information is critical to preventing credential theft and other forms of cyber exploitation.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-16 00:00:00
- Registrar: REGISTRAR_NOT_FOUND
- IP: 91.240.21.6

## Detection Status
- VirusTotal: 18 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/3cb8eadc-2377-494e-8dee-dfe998ff762c
- PhishDestroy: https://phishdestroy.io/domain/linkurl.pk/
- LLM endpoint: https://phishdestroy.io/domain/linkurl.pk/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/linkurl.pk/
Last updated: 2026-03-21