EXPLORE DETECTIONS
Open redirect: bananaguide.com
Message contains use of the bananaguide.com redirect with url parameter. This has been exploited in the wild.
Open redirect: bangkoksync.com
Message contains use of the bangkoksync.com open redirect. This has been exploited in the wild.
Open redirect: bestdeals.today
Message contains use of the bestdeals.today open redirect. This has been exploited in the wild.
Open redirect: Bitrix24 URL Path
Message contains use of the Bitrix24 redirect. This has been exploited in the wild for phishing.
Open redirect: BMW USA
Message contains use of BMW USA's open redirect but the sender is not BMW.
Open redirect: bubblelife.com
Message contains use of the bubblelife.com redirect. This has been exploited in the wild.
Open redirect: buildingengines.com
Detects messages containing buildingengines.com redirect links that use the _redirectTo parameter to redirect users to malicious sites. This has been observed in phishing campaigns.
Open redirect: business.google.com website_shared URL Param
Detects messages containing an open redirect in business.google.com's website_shared/launch_bw.html endpoint with the 'f' parameter. This has been exploited in phishing campaigns to redirect users to malicious sites.
Open redirect: Cartoon Network
This rule detects the use of Cartoon Network's Denmark domain as an open redirect.
Open redirect: chkc.com.hk
Message contains use of the chkc.com.hk open redirect. This has been exploited in the wild.
Open redirect: City of Calgary
Message contains use of calgary.ca's open redirect but the sender is not the City of Calgary.
Open redirect: Club-OS
Message contains use of the Club-OS open redirect. This has been exploited in the wild.
Open redirect: convertcart.com
Message contains use of the convertcart.com redirect. This has been exploited in the wild.
Open redirect: Dell
Message contains use of the Dell open redirect, but the sender is not Dell.
Open redirect: designsori.com
Message contains use of the designsori.com open redirect. This has been exploited in the wild.
Open redirect: documentmailbox.com
Message contains use of the documentmailbox.com open redirect. This has been exploited in the wild.
Open redirect: Doubleclick.net
Doubleclick.net link leveraging an open redirect from a new or outlier sender.
Open redirect: eaoko.org
Message contains use of the eaoko.org redirect. This has been exploited in the wild.
Open redirect: easycamp.com
Message contains use of the easycamp.com open redirect. This has been exploited in the wild.
Open redirect: embluemail.com
Message contains use of the embluemail.com redirect. This has been exploited in the wild.
Open redirect: emlakarsa
Message contains use of the emlakarsa open redirect. This has been exploited in the wild.
Open redirect: emp.eduyield.com
Message contains use of the eduyield redirect which chains google amp. This has been exploited in the wild.
Open redirect: eodcnetworkdirect.com
Message contains use of the eodcnetworkdirect.com redirect. This has been exploited in the wild.
Open redirect: events.csiro.au
Message contains use of the events.csiro.au redirect. This has been exploited in the wild.