labor-day-51gb-free5.iokd9[.]top
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of labor-day-51gb-free5.iokd9[.]top
The domain labor-day-51gb-free5.iokd9[.]top appears to host a promotional landing page themed around Philippine Labor Day, claiming visitors have received "51GB FREE Data". The page title and screenshot suggest it targets Filipino users and references major telecom brands, presenting the offer as a holiday-related mobile data giveaway rather than as a conventional business, news, or informational website.
Based on the domain structure and page content, this does not appear to be an official corporate domain for a telecom provider or government program. Instead, it looks like a short-lived campaign-style page using a subdomain on a low-cost top-level domain, with redirect-style paths such as go.php and single.php that may be intended to funnel visitors through promotional or tracking flows.
No clear operator identity, company ownership details, or transparent organizational information were provided in the scan data. That lack of attribution, combined with the giveaway framing and use of third-party referenced resources, may make it difficult for visitors to verify who is behind the site.
Safety Assessment for labor-day-51gb-free5.iokd9[.]top
Several indicators in the scan data suggest elevated risk at the time of this scan. The domain was flagged by 3 out of 91 security engines, including classifications associated with malware and phishing activity. In addition, the malware scan marked 7 out of 10 scanned files as malicious or suspicious, and identified flagged external resources and referenced domains that were associated with generic malicious objects.
The page content itself also raises concern. It presents a highly enticing free-data offer tied to a public holiday and displays recognizable telecom branding, yet the domain does not appear to belong to an official telecom operator. This kind of promotional framing may be used to encourage clicks, redirects, or data submission, especially when paired with newly registered domains and intermediary paths such as go.php.
Although some blacklist and threat-database checks were clean at the time of this scan, that does not outweigh the combination of engine detections, suspicious linked resources, and the extremely recent registration. Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site was served over HTTPS with a valid Let's Encrypt certificate, and traffic appears to be proxied through Cloudflare infrastructure on IP 104.21.52.50. The domain uses Cloudflare nameservers and was geolocated to Toronto, Canada based on hosting data, though the page content appears aimed at users in the Philippines. DNSSEC was not enabled, as the domain is unsigned.
From a security perspective, the technical profile shows several concerns: the domain age is 0 days, it is not ranked in major popularity lists, and multiple internal paths and external resources were flagged during malware analysis. The use of a valid certificate and CDN protection may provide transport encryption and basic infrastructure shielding, but those features do not by themselves indicate legitimacy.
Share your experience with this website. Was it safe? Did you encounter any issues?