
Summary
This detection rule identifies potential abuse of an open redirect on the U.S. Antarctic Program Data Center (USAP-DC) website. It monitors inbound messages for links that point to the USAP-DC domain. The rule's logic checks for links whose root domain is 'usap-dc.org' and whose path includes '/tracker', and it then examines the URL's query string, looking for one that begins with 'type=dataset&url=http'. Together, these conditions suggest that the message may be exploiting an open redirect, which attackers commonly use to send recipients to credential phishing pages or malware downloads while the visible link still appears to lead to a trusted site. Detection is based primarily on URL analysis, so messages containing links that satisfy all three conditions are flagged for security review. The severity is rated as medium, reflecting a moderate level of risk from potential exploitation. The rule helps prevent users from being redirected to malicious sites disguised as legitimate USAP-DC resources.
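The three conditions above, written as a small URL check in Python and run over a constructed sample message. This is an added illustration, not the rule's own logic or code from the page; the sample links are invented, and the root-domain helper is a simplified last-two-labels heuristic rather than a public-suffix-aware lookup.

```python
"""Flag links matching the USAP-DC '/tracker' open-redirect pattern described above."""
from __future__ import annotations
import re
from typing import Optional
from urllib.parse import urlsplit, parse_qs

ROOT_DOMAIN = "usap-dc.org"          # root domain the rule keys on
PATH_FRAGMENT = "/tracker"           # must appear somewhere in the path
QUERY_PREFIX = "type=dataset&url=http"  # query string must begin with this

# Constructed sample message body; none of these links is real traffic.
SAMPLE_MESSAGE = """Please review the dataset at https://www.usap-dc.org/tracker?type=dataset&url=http://login-portal.example/verify
Catalogue entry: https://www.usap-dc.org/view/dataset/600000?type=dataset&url=http://x.example
Mirror: https://usap-dc.example.net/tracker?type=dataset&url=http://x.example
Reordered: https://www.usap-dc.org/tracker?url=http://x.example&type=dataset
"""

URL_RE = re.compile(r"https?://[^\s<>\"']+")

def root_domain(host: str) -> str:
    """Last two DNS labels (assumption: simplification of a real root-domain lookup)."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])

def is_tracker_redirect(url: str) -> bool:
    """True when the link satisfies all three conditions stated in the rule summary."""
    parts = urlsplit(url)
    if root_domain(parts.hostname or "") != ROOT_DOMAIN:
        return False
    if PATH_FRAGMENT not in parts.path:
        return False
    # Prefix match, as the rule describes: a query with the parameters in another
    # order does not fire, which is a limitation analysts should be aware of.
    return parts.query.lower().startswith(QUERY_PREFIX)

def redirect_target(url: str) -> Optional[str]:
    """Destination carried in the 'url' parameter, surfaced for analyst review."""
    values = parse_qs(urlsplit(url).query).get("url")
    return values[0] if values else None

def flag_links(text: str) -> list[tuple[str, Optional[str]]]:
    """Extract links from a message body and return (link, redirect target) for hits."""
    return [(u, redirect_target(u)) for u in URL_RE.findall(text) if is_tracker_redirect(u)]

if __name__ == "__main__":
    for link, target in flag_links(SAMPLE_MESSAGE):
        print(f"FLAGGED {link} -> redirects to {target}")
```

Only the first sample link is flagged: the second fails the path check, the third has root domain example.net, and the fourth has the query parameters in a different order.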
Categories
- Web
- Cloud
- Application
Data Sources
- Web Credential
- Network Traffic
Created: 2023-09-08