labor-day-51gb-free21.y8699[.]top
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of labor-day-51gb-free21.y8699[.]top
The domain labor-day-51gb-free21.y8699[.]top appears to host a promotional landing page claiming that visitors have received "51GB FREE Data for Labor Day." Based on the page title, screenshot, and linked assets, the site appears to target users in the Philippines and presents itself as a holiday-themed mobile-data giveaway for Filipino workers. The imagery and wording suggest a mass-audience promotional campaign rather than a normal business website with established corporate information, support pages, or service documentation.
The page also appears to reference major Philippine telecom brands in its visual design, which may be intended to increase credibility with visitors. However, the scanned domain itself is not an obvious official telecom domain, and the hostname structure looks like a disposable subdomain rather than a primary branded web property. Based on available data, the operator is not clearly identified on the page, and the domain naming pattern suggests it may be part of a short-lived campaign or traffic-redirect funnel rather than an official public-facing service.
Safety Assessment for labor-day-51gb-free21.y8699[.]top
This website shows several risk indicators at the time of this scan. One out of 91 security engines flagged the domain for phishing, and a malware scan marked the overall threat level as malicious while flagging 7 of 10 scanned files or paths as malicious or suspicious. The scan also found flagged outbound resources and referenced domains, including externally loaded content that was identified as potentially malicious. These findings do not prove intent on their own, but they do indicate that the page may be part of a deceptive redirect or lure-based campaign.
The content itself raises additional concerns. The domain is very new, has no meaningful popularity ranking, and uses a promotional message offering a large amount of free mobile data tied to a holiday event. The screenshot also displays telecom branding despite being hosted on an unrelated .top subdomain, which may cause visitors to believe the page is affiliated with established providers when that relationship is not evident from the domain. Combined with the suspicious redirect paths and flagged external resources, this pattern is commonly associated with phishing, lead-generation abuse, or misleading giveaway pages.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site was served through Cloudflare infrastructure and resolved to IP address 172.67.160.193, with hosting geolocated to Canada in the scan data. It used a valid Let's Encrypt SSL certificate that was set to expire on 2026-07-17, which indicates HTTPS was enabled at the time of testing. The domain uses Cloudflare nameservers, but DNSSEC appears to be unsigned.
From a security perspective, the main concerns are not the TLS certificate itself but the surrounding indicators: a very recent registration date, lack of DNSSEC, suspicious PHP endpoints such as single.php and go.php, and outbound references to domains and files that were flagged during malware analysis. Those technical signals may indicate a lightweight campaign page designed to redirect users or load third-party content dynamically.
Share your experience with this website. Was it safe? Did you encounter any issues?