# penlde.run — SUSPICIOUS

> penlde.run is flagged for phishing risks and is currently offline. Avoid accessing it to protect your personal data and devices.

## Summary
PhishDestroy identifies penlde.run as a medium-risk generic phishing domain. The domain was registered recently on February 21, 2026, and has been classified due to suspicious activities aimed at deceiving users into divulging sensitive information. Its classification as a phishing threat indicates that it was likely used to impersonate legitimate services to harvest credentials or personal details.

Technical analysis reveals that penlde.run was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED and has been flagged on three separate security blocklists. VirusTotal scans show that 4 out of 95 security vendors detected malicious behavior associated with this domain, reinforcing its potential danger. The domain’s infrastructure and registration details align with common phishing tactics, including rapid domain registration and hosting patterns often used to evade detection.

Currently, penlde.run has been taken offline, reducing immediate risk to users. The domain’s removal from active hosting environments follows its identification by multiple security entities. Users are advised to remain cautious, avoid any attempts to visit or interact with the domain, and ensure their security software is up to date to prevent exposure to similar threats.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 530)

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- Country: HK
- Nameservers: ["maciej.ns.cloudflare.com", "saanvi.ns.cloudflare.com"]

## Detection Status
- VirusTotal: 4 vendors flagged
  Vendors: ["Fortinet", "Gridinsoft", "Seclookup", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- PhishDestroy: https://phishdestroy.io/domain/penlde.run/
- LLM endpoint: https://phishdestroy.io/domain/penlde.run/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/penlde.run/
Last updated: 2026-03-16