
Attachment: Calendar invite from recently registered domain

Sublime Rules

Summary
This rule alerts on calendar invitations whose organizer uses a domain registered within the last 90 days. It identifies potentially suspicious or malicious invites by inspecting inbound messages for '.ics' attachments, i.e. any attachment of type 'text/calendar' or 'application/ics'. For each such attachment it walks the calendar components to find the organizers' email addresses, then uses WHOIS lookups on the organizers' domains to determine their registration age. If any organizer's domain is less than 90 days old, the rule triggers an alert, highlighting the risk of phishing or other malicious activity associated with the invite.
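A worked illustration of the detection logic described above, added here as example code (it is not part of Sublime Rules or of the rule itself): it unfolds an .ics attachment, pulls every ORGANIZER mailto: address, and flags organizer domains registered fewer than 90 days before the message date. The sample invite, the WHOIS_CREATED table that stands in for the WHOIS lookup, and all function names are constructed for this example; unknown registration dates are simply not flagged, which is an assumption of the example rather than documented rule behaviour.

```python
from datetime import date
from typing import Callable, Iterable, Optional

# MIME types the rule treats as calendar attachments (from the rule summary).
CALENDAR_MIME_TYPES = {"text/calendar", "application/ics"}
MAX_DOMAIN_AGE_DAYS = 90


def unfold_ics(ics_text: str) -> list[str]:
    """Undo RFC 5545 line folding: a line beginning with a space or tab
    continues the previous line."""
    lines: list[str] = []
    for raw in ics_text.replace("\r\n", "\n").split("\n"):
        if not raw:
            continue
        if raw[0] in " \t" and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines


def split_property(line: str) -> tuple[str, str]:
    """Split 'NAME;PARAM="a:b":value' into ('NAME', 'value'), ignoring
    colons inside double-quoted parameter values."""
    in_quotes = False
    for i, ch in enumerate(line):
        if ch == '"':
            in_quotes = not in_quotes
        elif ch == ":" and not in_quotes:
            return line[:i].split(";", 1)[0].upper(), line[i + 1:]
    return line.upper(), ""


def extract_organizer_emails(ics_text: str) -> set[str]:
    """Collect ORGANIZER mailto: addresses from every component in the invite."""
    emails: set[str] = set()
    for line in unfold_ics(ics_text):
        name, value = split_property(line)
        if name == "ORGANIZER" and value.lower().startswith("mailto:"):
            emails.add(value[len("mailto:"):].strip().lower())
    return emails


def domain_of(email: str) -> str:
    return email.rsplit("@", 1)[-1].lower()


def flag_recent_organizer_domains(
    attachments: Iterable[tuple[str, str]],
    registration_date: Callable[[str], Optional[date]],
    today: date,
    max_age_days: int = MAX_DOMAIN_AGE_DAYS,
) -> list[tuple[str, str, int]]:
    """Return (organizer_email, domain, age_in_days) for each organizer whose
    domain was registered within max_age_days. `registration_date` stands in
    for the WHOIS lookup; None means the creation date is unknown (not flagged)."""
    hits: list[tuple[str, str, int]] = []
    seen: set[str] = set()
    for content_type, body in attachments:
        # Compare only the media type, dropping parameters such as charset.
        if content_type.split(";")[0].strip().lower() not in CALENDAR_MIME_TYPES:
            continue
        for email in sorted(extract_organizer_emails(body)):
            domain = domain_of(email)
            if domain in seen:
                continue
            seen.add(domain)
            created = registration_date(domain)
            if created is not None and (today - created).days < max_age_days:
                hits.append((email, domain, (today - created).days))
    return hits


# Constructed sample invite (not real traffic); the ORGANIZER line is folded
# and carries a quoted parameter containing a colon, both of which a naive
# split would mishandle.
SAMPLE_ICS = (
    "BEGIN:VCALENDAR\r\n"
    "VERSION:2.0\r\n"
    "BEGIN:VEVENT\r\n"
    "UID:1234@invite.example\r\n"
    "DTSTART:20250926T150000Z\r\n"
    'ORGANIZER;CN="Payroll Team (acct:1)":mailto:payroll@\r\n'
    " newly-registered.example\r\n"
    "ATTENDEE:mailto:recipient@corp.example\r\n"
    "SUMMARY:Quarterly review\r\n"
    "END:VEVENT\r\n"
    "END:VCALENDAR\r\n"
)

# Constructed stand-in for WHOIS creation dates.
WHOIS_CREATED = {
    "newly-registered.example": date(2025, 9, 1),
    "corp.example": date(2010, 4, 12),
}


def demo() -> list[tuple[str, str, int]]:
    attachments = [
        ("text/calendar; charset=utf-8", SAMPLE_ICS),
        ("application/pdf", "%PDF-1.4 ..."),  # ignored: not a calendar type
    ]
    return flag_recent_organizer_domains(attachments, WHOIS_CREATED.get, date(2025, 9, 26))


if __name__ == "__main__":
    print(demo())
```

The media type is compared after stripping parameters because mail clients routinely send `text/calendar; method=REQUEST; charset=utf-8`, and the organizer address is taken only from `mailto:` values so that a CN display name can never stand in for the real sender domain.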
Categories
  • Endpoint
  • Cloud
  • Web
Data Sources
  • User Account
  • Network Traffic
  • File
Created: 2025-09-26