Top 100 Open Redirect dorks


Just like previous list of XSS dorks but this time for Open Redirect vulnerabilities.

First with most common parameters then parameters along with path.

page 19.3%
url 13.1%
ret 10.0%
r2 9.8%
img 7.0%
u 4.4%
return 2.6%
r 2.6%
URL 2.4%
next 2.0%
redirect 2.0%
redirectBack 1.6%
AuthState 1.2%
referer 0.8%
redir 0.8%
l 0.8%
aspxerrorpath 0.6%
image_path 0.6%
ActionCodeURL 0.6%
return_url 0.6%
link 0.6%
q 0.6%
location 0.6%
ReturnUrl 0.6%
uri 0.4%
referrer 0.4%
returnUrl 0.4%
forward 0.4%
file 0.4%
rb 0.4%
end_display 0.4%
urlact 0.4%
from 0.4%
goto 0.4%
path 0.4%
redirect_url 0.4%
old 0.4%
pathlocation 0.2%
successTarget 0.2%
returnURL 0.2%
urlsito 0.2%
newurl 0.2%
Url 0.2%
back 0.2%
retour 0.2%
odkazujuca_linka 0.2%
r_link 0.2%
cur_url 0.2%
H_name 0.2%
ref 0.2%
topic 0.2%
resource 0.2%
returnTo 0.2%
home 0.2%
node 0.2%
sUrl 0.2%
href 0.2%
linkurl 0.2%
returnto 0.2%
redirecturl 0.2%
SL 0.2%
st 0.2%
errorUrl 0.2%
media 0.2%
destination 0.2%
targeturl 0.2%
return_to 0.2%
cancel_url 0.2%
doc 0.2%
GO 0.2%
ReturnTo 0.2%
anything 0.2%
FileName 0.2%
logoutRedirectURL 0.2%
list 0.2%
startUrl 0.2%
service 0.2%
redirect_to 0.2%
end_url 0.2%
_next 0.2%
noSuchEntryRedirect 0.2%
context 0.2%
returnurl 0.2%
ref_url 0.2%
/?page= 18.5
/index.php?ret= 10.0
/analytics/hit.php?r2= 9.8
/api/thumbnail?img= 7.0
/e.html?u= 3.2
/actions/act_continueapplication.cfm?r= 2.4
/redirect2/?url= 2.0
/Shibboleth.sso/Logout?return= 1.2
/ui/clear-selected/?next= 1.2
/Home/Redirect?url= 1.2
/jobs/?l= 0.8
/Error.aspx?aspxerrorpath= 0.6
/r.php?u= 0.6
/services/logo_handler.ashx?image_path= 0.6
/AddProduct.aspx?ActionCodeURL= 0.6
/tools/login/default.asp?page= 0.6
/spip.php?url= 0.6
/usermanagement/mailGeneratedPassword?referer= 0.6
/?return= 0.6
/?redir= 0.6
/simplesaml/module.php/core/loginuserpass.php?AuthState= 0.6
/out.php?url= 0.6
/affiche.php?uri= 0.4
/redirector.php?url= 0.4
/cgi/set_lang?referrer= 0.4
/blog/click?url= 0.4
/site.php?url= 0.4
/download2.php?file= 0.4
/jump.php?url= 0.4
/redirect/?redirect= 0.4
/admin/track/track?redirect= 0.4
/switch.php?rb= 0.4
/php-scripts/form-handler.php?end_display= 0.4
/cg/rk/?url= 0.4
/tosite.php?url= 0.4
/cambioidioma.php?urlact= 0.4
/accueil/spip.php?url= 0.4
/IRB/sd/Rooms/RoomComponents/LoginView/GetSessionAndBack?redirectBack= 0.4
/search?q= 0.4
/default.aspx?URL= 0.4
/initiate-sso-login/?redirect_url= 0.4
/module.php/core/loginuserpass.php?AuthState= 0.4
/authentication/check_login?old= 0.4
/RedirectToDoc.aspx?URL= 0.4
/shop/bannerhit.php?url= 0.4
/acceptcookies/?ReturnUrl= 0.4
/index.php?url= 0.4
/publang?url= 0.2
/home/helperpage?url= 0.2
/widgets.aspx?url= 0.2
/_lang/en?next= 0.2
/application/en?url= 0.2
/common/topcorm.do?pathlocation= 0.2
/main/action?successTarget= 0.2
/Videos/SetCulture?returnURL= 0.2
/Localize/ChangeLang?returnUrl= 0.2
/_goToSite.asp?urlsito= 0.2
/redir?url= 0.2
/admin/auth/logined?redirect= 0.2
/linkforward?forward= 0.2
/modules/babel/redirect.php?newurl= 0.2
/umbraco/Surface/LanguageSurface/ChangeLanguage?Url= 0.2
/langswitcher.php?url= 0.2
/redirect/?url= 0.2
/i18n/i18n_user_currencies/change_currency?back= 0.2
/accessibilite/textBackUp/?retour= 0.2
/fncBox.php?url= 0.2
/all4shop-akcie.php?odkazujuca_linka= 0.2
/openurl.php?url= 0.2
/te3/out.php?u= 0.2
/utils/set_language.html?return_url= 0.2
/trigger.php?r_link= 0.2
/home/lng?cur_url= 0.2
/goto?url= 0.2
/o.php?url= 0.2
/link-master/19/follow?link= 0.2
/hack.php?H_name= 0.2
/bmad/namhoc.php?return= 0.2
/maven/stats.asp?ref= 0.2
/Main/WebHome?topic= 0.2
/bin/fusion/imsLogin?resource= 0.2
/languechange.aspx?url= 0.2
/bloques/bannerclick.php?url= 0.2
/changesiteversion-full?referer= 0.2
/out.php?link= 0.2
/bgpage?r= 0.2
/signout?returnTo= 0.2
/switch_lang.php?return_url= 0.2
/nousername.php?redir= 0.2
/i/logout?return= 0.2
/util_goto_detail_home.cfm?home= 0.2
/misc/oldmenu.html?from= 0.2
/click.php?url= 0.2
/bitrix/rdc/?goto= 0.2
/?node= 0.2
/setLanguage.php?return= 0.2
/redirect/ad?url= 0.2
/redirect.php?sUrl= 0.2
/redirect?url= 0.2
/url?url= 0.2