
blob:
Hello,
I process phishing URLs,
I have recently come across URLs that make use of a BLOB: syntax on the URL:
blob:https://bolig.botik.dk/16c8c011-0fa5-4ba0-a10f-ed7675055cc6
You can see an example of the Phishing URL in this PhishTank entry:
https://phishtank.com/phish_detail.php?phish_id=9118779
That URL then re-directs to the above "BLOB" URL.
My understanding is that it is "locally" generating the phishing website, similar to an old-fashioned about: syntax; however, it's not clear what the significance of the bolig.botik.dk URL is - loading that URL without the BLOB: prefix causes an error.
Can someone explain:
1) What is the BLOB: syntax, and 2) what would be reported to have the phishing URL removed in the above example?
Chosen solution
Web and JavaScript developers use Blobs for various purposes, but a common one is to generate a downloadable file within the web page without having to retrieve anything further from the server. I use this method to create HTML files, PNG files, and JPEG files. I sometimes see PDF files open in a new tab with a blob: URL.
The "object" URL generated in this process is specific to the generated file and doesn't exist on the server. So I don't think you can report the blob itself as a phishing file, you would need to report the page that generates the blob as a phishing page.
- https://developer.mozilla.org/docs/Web/API/Blob
- https://en.wikipedia.org/wiki/Blob_URI_scheme
- https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/html-smuggling-how-blob-urls-are-abused-to-deliver-phishing-content/
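
As an added example (not part of the original answer): a blob: URL has the form `blob:<origin>/<UUID>`, where the origin is that of the page whose script created the blob, so the host identifies where the generating page ran even though the UUID path never exists on the server. The JavaScript below parses such a URL and picks the page to report from a redirect chain; the function names and the `.example` chain are constructed for illustration.

```javascript
// Added example: triage a blob: URL found at the end of a redirect chain.
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Split "blob:<origin>/<id>" into its parts; returns null for non-blob URLs.
function parseBlobUrl(raw) {
  const s = String(raw).trim();
  if (!/^blob:/i.test(s)) return null;
  const rest = s.slice(5);
  let origin = "null";
  let id = rest.replace(/^null\//, "");
  try {
    const inner = new URL(rest);      // the part after "blob:" is a normal URL
    origin = inner.origin;
    id = inner.pathname.slice(1);
  } catch {
    // Opaque origin, e.g. blob:null/<uuid> created inside a sandboxed frame.
  }
  return { origin, id, idLooksLikeUuid: UUID_RE.test(id) };
}

// Given the URLs observed in order, return the network page that should be
// reported: the most recent http(s) URL on the same origin as the blob.
function pageToReport(chain) {
  const last = chain[chain.length - 1];
  const blob = parseBlobUrl(last);
  if (!blob) return { report: last, origin: null, reason: "final URL is not a blob: URL" };
  for (let i = chain.length - 2; i >= 0; i--) {
    let u;
    try { u = new URL(chain[i]); } catch { continue; }
    if (/^https?:$/.test(u.protocol) && u.origin === blob.origin) {
      return { report: u.href, origin: blob.origin, reason: "same-origin page that created the blob" };
    }
  }
  // The generating page was not captured (e.g. it ran in a cross-origin frame).
  return { report: null, origin: blob.origin, reason: "generator not in chain; only its origin is known" };
}

// Constructed sample chain (hypothetical hosts), ending in a blob: URL.
const SAMPLE_CHAIN = [
  "https://lure.example/click?id=1",
  "https://login-portal.example/start.html",
  "blob:https://login-portal.example/3f2b8c1e-5d4a-4e6b-9a7c-0123456789ab",
];

console.log(parseBlobUrl("blob:https://bolig.botik.dk/16c8c011-0fa5-4ba0-a10f-ed7675055cc6"));
console.log(pageToReport(SAMPLE_CHAIN));
```

For the URL in the question, the parsed origin is `https://bolig.botik.dk`, which is why fetching that address without the `blob:` prefix returns an error: only the origin is real, the UUID lives in the browser's memory.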
All Replies (2)
Wonderful! If only all technical support was as helpful as you. And you're a volunteer? Some company could be paying you mega dollars for answers only a fraction as useful. Thanks.