# us-live-learn.pages.dev — SUSPICIOUS

> us-live-learn.pages.dev is linked to credential harvesting phishing targeting users. VirusTotal flags 1/95 vendors. Check the full report.

## Summary
PhishDestroy identifies us-live-learn.pages.dev as an active threat domain engaged in credential harvesting phishing. This domain does not appear to impersonate a specific brand nor is tied to a known drainer kit, but it is designed to deceive users into submitting sensitive login information. The domain exploits trust by leveraging a Google Trust Services SSL certificate, which may make it appear legitimate to unsuspecting victims.

Technical analysis reveals that us-live-learn.pages.dev was registered using Cloudflare, Inc. as the registrar. According to VirusTotal, only 1 out of 95 security vendors flags this domain, indicating emerging but low detection at this time. The domain resolves to the IP address 188.114.96.3 and currently holds a valid SSL certificate issued by Google Trust Services. There is no evidence of Google Safe Browsing (GSB) blacklisting, and the domain does not appear on multiple blocklists yet. No creation date is provided, but the domain remains actively monitored due to its elevated risk profile.

Currently, us-live-learn.pages.dev is active and poses an elevated risk to users who may encounter its credential harvesting pages. Security teams should monitor for any phishing attempts originating from this domain and consider blocking or flagging it in email and web filters. End users are advised to avoid entering credentials on this domain and report any suspicious interactions. Although detection rates are low, the domain’s use of trusted SSL and Cloudflare registration suggest it may evade some security controls without proactive measures. Continued vigilance and updated threat intelligence are essential to mitigate risks associated with this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0af60878-c82f-4285-802f-961ab512f163
- PhishDestroy: https://phishdestroy.io/domain/us-live-learn.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/us-live-learn.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/us-live-learn.pages.dev/
Last updated: 2026-03-26