labor-day-51gb-free12.xcv9r[.]top
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of labor-day-51gb-free12.xcv9r[.]top
This domain appears to host a promotional landing page themed around Labor Day in the Philippines, claiming that visitors have received "51GB FREE Data" valid for 90 days. The page imagery and wording suggest it is targeting Filipino users and referencing mobile data offers associated with major telecom brands shown in the screenshot. Based on the page title, visual design, and linked paths such as go.php and single.php, the site appears to function as a campaign-style redirect or lead-generation page rather than a full corporate website.
The domain name itself is highly promotional and disposable-looking, combining a holiday reference, a free-data claim, and a low-recognition host domain. No clear operator identity is provided in the scan data, and the domain does not appear to belong to an established telecom provider or public institution. Based on available information, this website may be attempting to attract users with a giveaway-style offer tied to a seasonal event.
Safety Assessment for labor-day-51gb-free12.xcv9r[.]top
The scan results show mixed signals. On one hand, 0 out of 91 security engines flagged the domain at the time of this scan, and the checked blacklist databases did not report a listing. On the other hand, a malware scan indicated malicious or suspicious findings in 7 out of 10 scanned files, including the main page components and multiple redirect-style URLs. The scan also identified flagged external resources and referenced domains associated with generic malicious objects, which may indicate risky third-party content or traffic redirection behavior.
Additional context raises concern: the domain was registered only 1 day before the scan, has no established popularity ranking, uses a highly bait-like naming pattern, and presents a giveaway claim that could be used to lure clicks or personal information. The screenshot also shows branding from major Philippine telecom companies, but the domain does not appear to be an official domain for those providers, so the page may be presenting itself in a way that could confuse visitors.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site was served over HTTPS with a valid Let's Encrypt certificate at the time of the scan and was fronted by Cloudflare infrastructure, with the resolved IP associated with Cloudflare hosting in Canada. Nameservers also point to Cloudflare. DNSSEC appears to be unsigned, which is not uncommon but does mean there is no DNSSEC validation layer present.
From a security perspective, the more notable issues are application-level rather than transport-level. Multiple scanned files and outbound links were flagged as malicious or suspicious, including references to external script and image resources on unrelated domains. The domain is also extremely new, which can be a risk factor for short-lived abuse campaigns. A valid certificate and CDN-backed hosting do not by themselves indicate legitimacy.
Share your experience with this website. Was it safe? Did you encounter any issues?