
Open Redirect: isadatalab.com

Sublime Rules

Summary
This rule detects potential abuse of an open redirect on the domain isadatalab.com. An open redirect is a web application weakness in which a site forwards visitors to an arbitrary external URL supplied in the request; attackers commonly use such redirects in phishing campaigns because the link appears to point at a legitimate domain. The rule inspects inbound messages for URLs that contain the path '/redirect' together with a query parameter 'url='. It then requires that neither the sender's email domain nor the message headers originate from the trusted domain 'bestdeals.today'. To reduce false positives, the rule also considers the sender's message history: if a sender is categorized as high trust but fails DMARC authentication, the message is still flagged. The intent is to catch cases where the open redirect is being exploited for credential phishing or malware delivery, both of which open redirects are known to facilitate.
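As an added illustration (not the rule's source and not Sublime's code), the following Python models the detection logic described above and runs it over constructed sample messages; the high-trust domain list and the sender domains are placeholders, not values from the rule.

```python
from dataclasses import dataclass
from urllib.parse import parse_qs, urlsplit

# Values taken from the rule summary; HIGH_TRUST_DOMAINS is a placeholder (assumption).
TARGET_DOMAIN = "isadatalab.com"
EXCLUDED_SENDER_DOMAIN = "bestdeals.today"
HIGH_TRUST_DOMAINS = {"trusted-partner.example"}


@dataclass
class Message:
    sender_domain: str      # root domain of the From address
    header_domains: set     # root domains seen in other message headers
    links: list             # href URLs extracted from the body
    dmarc_pass: bool        # result of DMARC authentication


def is_open_redirect_link(url: str) -> bool:
    """True when the link targets isadatalab.com's /redirect path with a url= parameter."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host != TARGET_DOMAIN and not host.endswith("." + TARGET_DOMAIN):
        return False
    if "/redirect" not in parts.path.lower():
        return False
    # keep_blank_values so an empty 'url=' still counts, as a substring check would
    return "url" in parse_qs(parts.query, keep_blank_values=True)


def matches_rule(msg: Message) -> bool:
    """Mirror the rule: redirect link present, sender not the trusted domain, trust/DMARC check."""
    if not any(is_open_redirect_link(u) for u in msg.links):
        return False
    if msg.sender_domain == EXCLUDED_SENDER_DOMAIN or EXCLUDED_SENDER_DOMAIN in msg.header_domains:
        return False
    # high-trust senders are exempt only when DMARC passes; a DMARC failure keeps them flagged
    if msg.sender_domain in HIGH_TRUST_DOMAINS and msg.dmarc_pass:
        return False
    return True


REDIRECT = "https://isadatalab.com/redirect?url=https://login-portal.example/verify"
SAMPLE_MESSAGES = [  # constructed sample messages
    Message("mailer.example", set(), [REDIRECT], False),                      # flagged
    Message("bestdeals.today", {"bestdeals.today"}, [REDIRECT], True),        # trusted sender
    Message("trusted-partner.example", set(), [REDIRECT], True),              # high trust, DMARC pass
    Message("trusted-partner.example", set(), [REDIRECT], False),             # high trust, DMARC fail
    Message("mailer.example", set(), ["https://isadatalab.com/promo?url=x"], False),  # no /redirect
]


def flagged_senders() -> list:
    return [m.sender_domain for m in SAMPLE_MESSAGES if matches_rule(m)]
```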
Categories
  • Web
  • Endpoint
  • Network
Data Sources
  • User Account
  • Web Credential
  • Application Log
Created: 2024-08-22