On Tue, 25 Jul 2017 13:15:33 +0100
RW <rwmailli...@googlemail.com> wrote:

> https://pastebin.com/p7EnFNf7

We've seen lots of those and collected a few dozen unique URLs for our
URL blacklists.  I added a swath of them to the APER project in this
commit:

        https://sourceforge.net/p/aper/code/11830/

All of the URLs match this pattern:

    /\/[A-Z]{4}\d{6}\/$/

(The leading/trailing Perl slash delimiters are included, but not part of
the pattern.)

so I think a URL rule can catch these.  Doing a HEAD on the URL
gives Content-Type: application/msword.  I think it's most likely safe
to do HEAD requests, but definitely not GET as others have mentioned.

Regards,

Dianne.

Reply via email to