
Summary
This detection rule identifies and flags emails carrying Looker Studio reports that may contain sexually explicit content. It focuses on reports originating from non-organizational email domains, specifically those sent from 'looker-studio-noreply@google.com'. The rule implements a set of criteria for scoring and filtering suspicious activity. It checks that the sender's domain is not an organizational domain, which ensures that the email originates from outside the trusted organization. It also applies content analysis, scanning both the subject line and the body of the email against a comprehensive list of sexually explicit keywords using predefined regular expressions. If either the subject or the body contains one of these keywords, the email is flagged as potential spam, enabling organizations to protect against unsolicited and inappropriate content.
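The logic described in the summary, as an added Python sketch that is not the rule's own source. `ORG_DOMAINS`, the placeholder entries in `KEYWORDS` (the page does not reproduce the rule's keyword list) and the sample messages are constructed assumptions.

```python
import re
from email.utils import parseaddr

LOOKER_SENDER = "looker-studio-noreply@google.com"  # sender named in the summary
ORG_DOMAINS = {"example.com"}        # assumption: the organization's own domains
KEYWORDS = ["kwalpha", "kw beta"]    # assumption: neutral placeholders for the keyword list


def build_keyword_regex(keywords):
    """One case-insensitive pattern; multi-word terms tolerate space, '-' or '_'."""
    alts = [r"[\s\-_]+".join(re.escape(w) for w in k.split()) for k in keywords]
    # Lookarounds keep a keyword from matching inside a longer word.
    return re.compile(r"(?<!\w)(?:" + "|".join(alts) + r")(?!\w)", re.IGNORECASE)


KEYWORD_RE = build_keyword_regex(KEYWORDS)


def evaluate(msg):
    """Return (flagged, reasons) for a dict with 'from', 'subject' and 'body'."""
    _, addr = parseaddr(msg.get("from", ""))
    addr = addr.lower()
    domain = addr.rpartition("@")[2]
    # Scope: Looker Studio notification sender, and not an organizational domain.
    if addr != LOOKER_SENDER or domain in ORG_DOMAINS:
        return False, []
    reasons = []
    for field in ("subject", "body"):  # a hit in either field is enough to flag
        m = KEYWORD_RE.search(msg.get(field, ""))
        if m:
            reasons.append(f"{field}:{m.group(0).lower()}")
    return bool(reasons), reasons


# Constructed sample messages, for illustration only.
SAMPLES = [
    {"from": "Looker Studio <looker-studio-noreply@google.com>",
     "subject": "Shared report: KW-Beta inside", "body": "Open the report."},
    {"from": "looker-studio-noreply@google.com",
     "subject": "Q4 sales dashboard", "body": "kwalphabet totals attached."},
    {"from": "alice@example.com",
     "subject": "kwalpha", "body": "Internal mail, outside the rule's scope."},
    {"from": "looker-studio-noreply@google.com",
     "subject": "A report was shared with you", "body": "See kwalpha now."},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample["from"], evaluate(sample))
```

The second sample stays unflagged because the placeholder term only appears inside a longer word, which is the false-positive case the boundary checks are there to prevent.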
Categories
- Web
- Cloud
- Identity Management
- Application
- Endpoint
Data Sources
- User Account
- Application Log
- Network Traffic
Created: 2025-01-15