mass.report
Scan Intelligence Report0/100
medium Risk
www.dburnett.com
https://www.dburnett.com/
IP
67.222.52.165 · Unified Layer
Location
Provo, United States
Domain Age
5700 days
HTTP
200 · 18.3s
SSL
Valid· R13, Let's Encrypt, US
Status
COMPLETED
Linked Phishing Report
This scan is attached to a vendor submission report
Brand
GiftCardMall / MyGift
Vendors
27/27
Status
completed
✓ microsoft✓ eset✓ avg✓ avast✓ bitdefender✓ brightcloud✓ apple✓ emsisoft✓ urlscan✓ virustotal✓ yandex✓ apwg✓ spamhaus✓ norton✓ mcafee✓ threatyeti✓ urlquery✓ sophos✓ phishtank✓ netcraft✓ cisa✓ openphish✓ urlabuse✓ phishreport✓ google✓ kaspersky✓ fortiguard
Registered-domain escalation
Submit dburnett.com as the primary IOC, enriched with evidence from hostile subdomains like www.dburnett.com.
KB/IOK Matches (0)—
No KB/IOK detections were recorded for this scan.
GiftCardMall MyGift
Credential Phishingecommerce | finance | technology · 4/5/2026
Summary
The page at www.dburnett.com presents a clone targeting GiftCardMall/MyGift balance check and card activation. The page title and content mimic GiftCardMall/MyGift, but the domain does not belong to GiftCardMall. The site loads a SPA-like interface with no static login form, but the HTML and attached assets indicate a credential-collection flow likely rendered by JavaScript. The SSL cert is a short-lived Let's Encrypt cert issued to dburnett.stenerik.com, suggesting a rogue host; the domain age is long, but the certificate is recent (Jan 2026) and the canonical URL points to giftcardmallmygiftai.com in alternate links, reinforcing impersonation.
Attack Techniques (5)
Domain impersonation via typosquatting/brand mismatch (dburnett.com vs GiftCardMall/MyGift branding)SPA/JS-driven credential capture with dynamic rendering (static HTML shows no forms but scripts likely render forms)Brand asset loading and UI replication suggesting cloning of GiftCardMall/MyGiftBalance/Activation pagesAlternate-language/redirect hints and embedded FAQ structured data to appear legitimateNew Let's Encrypt certificate issued to a subdomain not controlled by GiftCardMall
Indicators of Compromise (6)
▸DOMAIN: www.dburnett.com ( IOC )
▸PAGE TITLE: GiftCardMall/MyGift | Balance Check | Card Activation (brand impersonation signal)
▸Network: no external scripts listed in scan, but SPA behavior implied; canonical link to giftcardmallmygiftai.com
▸SSL SAN includes dburnett.com and dburnett.stenerik.com, unusual for GiftCardMall hosting
▸Alternate hreflang links to giftcardmallmygiftai.com in page source
▸Page content replicates GiftCardMall/MyGift flow (balance check, activation steps) without official domain ownership
Risk AssessmentUsed in abuse reports
Scanner detected a brand impersonation attempt targeting GiftCardMall/MyGift. The domain dburnett.com is not owned by GiftCardMall or affiliated networks, yet the page presents GiftCardMall branding and a balance check/activation flow. The static HTML contains no forms, suggesting a SPA that would render credential collection at runtime. The SSL certificate is a short-lived Let's Encrypt cert issued to a related subdomain, and the presence of alternate links to giftcardmallmygiftai.com indicates intent to mislead users into entering card details under the guise of GiftCardMall. This is a high-risk credential phishing setup requiring urgent takedown and domain suspension actions.
Recommended Action
Monitor
Cross-Reference8
URL Intelligence
Domain Intelligence
IP Intelligence
Public threat feed available — JSON API