Windows 10 will reach EOS (end of support) on October 14, 2025. For more information, see this article.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

blob:

  • 2 respostas
  • 0 have this problem
  • 69 views
  • Last reply by J S

J S
J S
more options

Hello,

I process phishing URL's,

I have recently come across URL's that make use of a BLOB: syntax on the URL:

blob:https://bolig.botik.dk/16c8c011-0fa5-4ba0-a10f-ed7675055cc6

You can see an example of the Phishing URL in this PhishTank entry:

https://phishtank.com/phish_detail.php?phish_id=9118779

That URL then re-directs to the above "BLOB" URL.

My understanding is that it is "locally" generating the phishing website, similar to an old fashioned about: syntax, however it's not clear what the significance of bolig.botik.dk URL is - loading that URL without the BLOB: prefix causes an error

Can someone explain:

1) What is the BLOB: syntax, and 2) what would be reported to have the phishing URL removed in the above example?

Hello, I process phishing URL's, I have recently come across URL's that make use of a BLOB: syntax on the URL: blob:https://bolig.botik.dk/16c8c011-0fa5-4ba0-a10f-ed7675055cc6 You can see an example of the Phishing URL in this PhishTank entry: https://phishtank.com/phish_detail.php?phish_id=9118779 That URL then re-directs to the above "BLOB" URL. My understanding is that it is "locally" generating the phishing website, similar to an old fashioned about: syntax, however it's not clear what the significance of bolig.botik.dk URL is - loading that URL without the BLOB: prefix causes an error Can someone explain: 1) What is the BLOB: syntax, and 2) what would be reported to have the phishing URL removed in the above example?

Chosen solution

Web and JavaScript developers use Blobs for various purposes, but a common one is to generate a downloadable file within the web page without having to retrieve anything further from the server. I use this method to create HTML files, PNG files, and JPEG files. I sometimes see PDF files open in a new tab with a blob: URL.

The "object" URL generated in this process is specific to the generated file and doesn't exist on the server. So I don't think you can report the blob itself as a phishing file, you would need to report the page that generates the blob as a phishing page.

Ler a resposta no contexto 👍 1

All Replies (2)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

Chosen Solution

Web and JavaScript developers use Blobs for various purposes, but a common one is to generate a downloadable file within the web page without having to retrieve anything further from the server. I use this method to create HTML files, PNG files, and JPEG files. I sometimes see PDF files open in a new tab with a blob: URL.

The "object" URL generated in this process is specific to the generated file and doesn't exist on the server. So I don't think you can report the blob itself as a phishing file, you would need to report the page that generates the blob as a phishing page.

Helpful?

J S
J S Question owner
more options

Wonderful! If only all technical support was as helpful as you. And you're a volunteer? Some company could be paying you mega dollars for answers only a fraction as useful. Thanks.

Helpful?

Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.