Re: Results from scanning URL: -http://online-transaction.icu/window.location.hash.substr(1);windows.location.assign
Number of sources found: 0
Number of sinks found: 2 on issue, read on dom-xss exploit:
https://medium.com/@a.pranaykumar01/address-dom-xss-b21515db0562
7 detect this mentioned url as malicious: https://www.virustotal.com/gui/url/5fe25661e5e7580d57e1ee1545ee27f35b37b2377a2259b4ffebe3fe9e5e7353/detection
detection as phishing, spam & malware site with code as
url(data:image/png;base64,iVBORw0KXXXXXXXXXXXXXXUgAAAPAAAADqCAMAAACrxjhdAAAAt1BMVEUAAAAAAAD///////// etc
on -http://online-transaction.icu/cgi-sys/suspendedpage.cgi
and 0n -http://online-transaction.icu/cgi-sys/suspendedpage.cgi with code as
.additional-info {
background-image: -url(data:image/png;base64,iVBORw0KGgoXXXXXXXXXXXXXXXAPAAAADqCAMAAACrxjhdAAAAt1BMVEUAAAAAAAD/////////////////////////////////////////////////////////////////////////////////////////////XXXXXXXXXXXXXXXXXXXXX///////////////////////////////////////5+fn////
Interesting read on a counter measure detecting: https://medium.com/@luanherrera/xs-searching-googles-bug-tracker-to-find-out-vulnerable-source-code-50d8135b7549
polonus (volunteer 3rd party cold recon website security analyst & website error-hunter)