Link: Blogspot hosting explicit romance content

calendar Mar 9, 2026  ·
Share on: linkedin copy

Detects inbound messages containing links to Blogspot domains that host explicit romance content, identified through natural language processing of the message body.

Sublime rule (View on GitHub)

 1name: "Link: Blogspot hosting explicit romance content"
 2description: "Detects inbound messages containing links to Blogspot domains that host explicit romance content, identified through natural language processing of the message body."
 3type: "rule"
 4severity: "medium"
 5source: |
 6  type.inbound
 7  and any(body.links, .href_url.domain.root_domain == "blogspot.com")
 8  and (
 9    any(ml.nlu_classifier(body.current_thread.text).topics,
10        .name == "Sexually Explicit Messages"
11    )
12  )  
13attack_types:
14  - "Spam"
15tactics_and_techniques:
16  - "Free subdomain host"
17  - "Social engineering"
18detection_methods:
19  - "Natural Language Understanding"
20  - "URL analysis"
21id: "132e88c5-7aaf-5ec1-a70b-3e2f3b01a7a9"
to-top