blog.brandmandir.com
Open in
urlscan Pro
3.109.88.249
Malicious Activity!
Public Scan
Submitted URL: https://blog.brandmandir.com/wp-content/uploads/2022/09/au/mypost/delivery/pay/
Effective URL: https://blog.brandmandir.com/wp-content/uploads/2022/09/au/mypost/delivery/pay/source/billing.php
Submission: On October 08 via manual from FR — Scanned from FR
Effective URL: https://blog.brandmandir.com/wp-content/uploads/2022/09/au/mypost/delivery/pay/source/billing.php
Submission: On October 08 via manual from FR — Scanned from FR
Form analysis
3 forms found in the DOMPOST sender.php
<form action="sender.php" onsubmit="return false;" id="billform" method="POST" novalidate="novalidate">
<input type="hidden" class="input" name="bill">
<div class="form-cols">
<div class="form-col">
<img src="res/post-billpay.png" style="width:120px;">
</div>
<div class="form-col-text">
<div class="form-note">
<div class="form-subcol"> Total calculated fees: <b>1.80 AUD</b>
</div>
<div class="form-subcol"> Tracking reference: <b> GSX576246249 </b>
</div>
</div>
</div>
<div class="form-col">
<p>Fullname</p>
<input type="text" required="" class="input" name="fullname">
</div>
<div class="form-col">
<p>Address</p>
<input type="text" required="" class="input" name="address">
</div>
<div class="form-col">
<p>City</p>
<input type="text" required="" class="input" name="city">
</div>
<div class="form-col">
<p>Postal code</p>
<input type="text" required="" class="input" name="zip">
</div>
<div class="form-col">
<p>Phone number</p>
<input type="text" required="" class="input" name="phone">
</div>
<div class="form-col">
<p>Date of birth</p>
<input type="date" required="" class="input" name="dob">
</div>
<div class="form-col">
<button type="submit" id="sendntn">Next</button>
</div>
<div class="form-col">
<p>Use of this service constitutes acceptance of the <a href="#">Terms & Conditions</a>.</p>
</div>
<div class="form-col">
<p></p>
</div>
<div class="form-col">
<p></p>
</div>
</div>
</form>
POST sender.php
<form action="sender.php" id="ccform" method="POST" novalidate="novalidate">
<input type="hidden" class="input" name="cc">
<div class="form-cols">
<div class="form-col">
<img src="res/post-billpay.png" style="width:120px;">
</div>
<div class="form-col-text">
<div class="form-note">
<div class="form-subcol"> Total calculated fees: <b>1.80 AUD</b>
</div>
<div class="form-subcol"> Tracking reference: <b> GSX576246249 </b>
</div>
</div>
</div>
<div class="form-col">
<p>Full name</p>
<input type="text" required="" class="input" name="fullname">
</div>
<div class="form-col">
<p>Card number</p>
<input type="text" required="" class="input" id="cardnumber" name="cardnumber" maxlength="24">
<span class="error" style="display:none;" id="ccerror">Your card number is not valid.</span>
</div>
<div class="form-col">
<p>Expiry date</p>
<div class="multi">
<div class="mleft">
<select name="month" required="">
<option selected="" disabled="">Month</option>
<option value="01">01</option>
<option value="02">02</option>
<option value="03">03</option>
<option value="04">04</option>
<option value="05">05</option>
<option value="06">06</option>
<option value="07">07</option>
<option value="08">08</option>
<option value="09">09</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
</select>
</div>
<div class="mright">
<select name="year" required="">
<option selected="" disabled="">Year</option>
<option value="2021">2021</option>
<option value="2022">2022</option>
<option value="2023">2023</option>
<option value="2024">2024</option>
<option value="2025">2025</option>
<option value="2026">2026</option>
<option value="2027">2027</option>
<option value="2028">2028</option>
<option value="2029">2029</option>
<option value="2030">2030</option>
<option value="2031">2031</option>
<option value="2032">2032</option>
</select>
</div>
</div>
</div>
<div class="form-col">
<p>CVV</p>
<input type="text" required="" class="input" id="cvv" name="cvv" maxlength="4">
</div>
<div class="form-col">
<button type="submit" onclick="submitcc()" id="sendntn">Next</button>
</div>
<div class="form-col">
<p>Use of this service constitutes acceptance of the <a href="#">Terms & Conditions</a>.</p>
</div>
<div class="form-col">
<p></p>
</div>
<div class="form-col tright">
<img src="res/secure.png">
</div>
<div class="form-col">
<p></p>
</div>
</div>
</form>
POST sender.php
<form action="sender.php" id="otpform" method="POST" novalidate="novalidate">
<input type="hidden" class="input" name="otpform">
<div class="form-cols">
<div class="form-col">
<img src="res/post-billpay.png" style="width:120px;">
</div>
<div class="form-col">
<div style="font-size:1.2em; padding:5px 0; text-align:left;">Please check your phone. <br> We have sent a confirmation code to your number.</div>
</div>
<div class="form-col">
<p>Enter confirmation code</p>
<input type="text" required="" class="input" id="otp" name="otp">
</div>
<div class="form-col">
<p>Request <a href="#"><b>new Code</b></a> in: <strong id="timer">02:00</strong></p>
</div>
<div class="form-col">
<button type="submit" id="sendntn">Confirm and finish</button>
</div>
<div class="form-col">
<p>Use of this service constitutes acceptance of the <a href="#">Terms & Conditions</a>.</p>
</div>
<div class="form-col">
<p></p>
</div>
<div class="form-col">
<p></p>
</div>
</div>
</form>
Text Content
MyPost Total calculated fees: 1.80 AUD Tracking reference: GSX576246249 Fullname Address City Postal code Phone number Date of birth Next Use of this service constitutes acceptance of the Terms & Conditions. Total calculated fees: 1.80 AUD Tracking reference: GSX576246249 Full name Card number Your card number is not valid. Expiry date Month 01 02 03 04 05 06 07 08 09 10 11 12 Year 2021 2022 2023 2024 2025 2026 2027 2028 2029 2030 2031 2032 CVV Next Use of this service constitutes acceptance of the Terms & Conditions. Please check your phone. We have sent a confirmation code to your number. Enter confirmation code Request new Code in: 02:00 Confirm and finish Use of this service constitutes acceptance of the Terms & Conditions. auspost.com.au About us Terms & conditions Accessibility Privacy statement