giftcardmall.cc

https://giftcardmall.cc/

104.21.18.66 · Cloudflare, Inc.

Location

Toronto, Canada

Domain Age

303 days

HTTP

200 · 27.9s

SSL

Valid· E7, Let's Encrypt, US

Status

COMPLETED

Visual Evidence

Zoom

Title: "GiftCardMall/MyGift | Activate & Check Your Balance"

Save

Linked Phishing Report

This scan is attached to a vendor submission report

Brand

GiftcardMall

Vendors

27/27

Status

completed

✓ avg✓ brightcloud✓ microsoft✓ yandex✓ norton✓ mcafee✓ netcraft✓ urlscan✓ spamhaus✓ phishreport✓ eset✓ bitdefender✓ apple✓ cisa✓ sophos✓ avast✓ openphish✓ emsisoft✓ urlquery✓ apwg✓ virustotal✓ phishtank✓ urlabuse✓ google✓ threatyeti✓ kaspersky✓ fortiguard

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

GiftCardMall

Credential Phishing

finance | technology | ecommerce · 4/5/2026

Summary

The page at giftcardmall.cc presents a GiftCardMall/MyGift branding and activates balance features, but the domain giftcardmall.cc is not the official GiftCardMall domain. The page title and meta tags claim GiftCardMall/MyGift, yet the domain registered is new (303 days old) with a Cloudflare-hosted site and a Let's Encrypt certificate, indicating a recent and potentially malicious setup. External scripts and SPA behavior suggest credential capture via dynamically rendered forms, consistent with typical phishing impersonation.

Attack Techniques (5)

Typosquat/brand impersonation via non-official domain giftcardmall.cc claiming GiftCardMall brandingSingle-Page Application (SPA) with dynamic credential capture rendered by JavaScript bundlesBrand assets and UI closely resembling GiftCardMall shown through page title/meta and screenshot, plus loaded brand-like imageryExternal script loading from multiple sources including Google Analytics, Cloudflare beacon, and WordPress theme assets to mimic legitimate site structure0 static forms in HTML but potential credential capture via JS-rendered forms in SPA

Indicators of Compromise (7)

▸DOMAIN: giftcardmall.cc

▸Page title: GiftCardMall/MyGift | Activate & Check Your Balance

▸Meta og:title and description align with GiftCardMall/MyGift

▸External script sources referencing WordPress Neve theme and typical WP plugin assets on giftcardmall.cc

▸SSL certificate issued by Let's Encrypt for giftcardmall.cc (short validity window) with SAN *.giftcardmall.cc

▸Domain age 303 days, but risk factors indicate high external script count and potential SPA credential collection

▸POST requests to Google Analytics g/collect and rum endpoints, often used in tracking; presence supports SPA activity and data exfiltration risk

Risk AssessmentUsed in abuse reports

The site at giftcardmall.cc is a high-risk impersonation of the GiftCardMall brand. The page title and metadata emulate GiftCardMall/MyGift, while the domain is not an official GiftCardMall domain. The page appears to render a sophisticated SPA with numerous external JS assets, suggesting credential collection could occur through dynamically injected forms. The SSL cert is newly issued by Let's Encrypt, and the domain age is relatively short for a trusted brand. Given these signals, this domain should be treated as a credential-phishing target and blocked or suspended pending further verification. Evidence includes domain mismatch with the branded page, SPA behavior implying credential capture, and network activity loading brand-like assets and analytics endpoints.

Recommended Action

Monitor

Cross-Reference8

URL Intelligence