Skip to main content

Get Incident Details

Get details of a specific incident.

Parameters

ParameterDescription
Company IDThe ID of the company. Can be found under Account Settings -> General & Security -> Company ID.
Incident IDThe ID of the incident to get details of.

Example Output

{
    "company_id": 11111,
    "company_name": "Blink",
    "incident_id": 11111111,
    "classification": "Report",
    "first_reported_by": "Example",
    "first_reported_date": "2023-03-02T21:09:43.831568Z",
    "affected_mailbox_count": 4,
    "sender_reputation": "low",
    "banner_displayed": null,
    "sender_email": "evaldez.cespedes@lister.com.mx",
    "reply_to": null,
    "spf_result": null,
    "sender_is_internal": false,
    "themis_proba": 0.91,
    "themis_verdict": "Phishing",
    "mail_server": {
        "host": null,
        "ip": "184.60.165.18"
    },
    "federation": {
        "companies_affected": 333,
        "companies_marked_phishing": 81,
        "companies_marked_spam": 5,
        "companies_marked_fp": 1,
        "companies_unclassified": 246,
        "phishing_ratio": 0.24
    },
    "reports": [
        {
            "name": "Example",
            "email": "example@blinkops.com",
            "subject": "IRS Tax Forms K-1",
            "sender_email": "evaldez.cespedes@lister.com.mx",
            "mail_server": {
                "host": null,
                "ip": "184.60.165.18"
            },
            "headers": [
                {
                    "name": "Received",
                    "value": "from MWHPR19MB0926.namprd19.prod.outlook.com (2603:10b6:300:a0::19)\n by MWHPR19MB0030.namprd19.prod.outlook.com with HTTPS; Thu, 17 Mar 2022\n 20:25:54 +0000"
                },
                {
                    "name": "Received",
                    "value": "from MW4PR04CA0364.namprd04.prod.outlook.com (2603:10b6:303:81::9)\n by MWHPR19MB0926.namprd19.prod.outlook.com (2603:10b6:300:a0::19) with\n Microsoft SMTP Server (version=TLS1_2,\n cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5081.17; Thu, 17 Mar\n 2022 20:25:51 +0000"
                }
            ]
        }
    ],
    "links": [
        {
            "url": "https://www.irs.gov/",
            "name": ""
        },
        {
            "url": "https://u10276865.ct.sendgrid.net/ls/click?upn=ODZIso0HV5wH0JNv4-2B-2FY0ZKe-2B561-2FN0D-2Fjumhk-2Bn0hI-3DyiDL_YgoH4Reaai4qIuxDXSgHMJMYVZgv3b-2BgdrrYBu6c1skxgq0SIma8w13E7IjYa7pc2mnqjNA21-2BOLG607S9B6dvOdECyBKcZs4t-2FktMRS6EbfAIwbdBJyDf20Dj8sO6MSN05hdI04SASXEWU634PYCHetnyvAE59IR96XPXZx11rkk2O-2FWaC-2B2wCZfGtNWsm-2Foih45HyG5vbaHiVIHBYnFE5b8UwCbgOTUw-2BXKnyz-2Fuk-3D",
            "name": "https://www.irs.gov"
        }
    ],
    "attachments": [
        {
            "file_name": "logo_irs.jpg",
            "file_size": 25787,
            "md5": "66a5491d99a5f8a79e40f94d581706ba"
        },
        {
            "file_name": "K-1 form.zip",
            "file_size": 17753,
            "md5": "39594e52baa5827dff43cfb084203cf4"
        }
    ]
}

Workflow Library Example

Get Incident Details with Ironscales and Send Results Via Email

Workflow LibraryPreview this Workflow on desktop