Get incident and message details for a specific incident by its ID.

Basic Parameters

Parameter | Description
End Row | The row index at which to stop returning results.
Incident ID | The ID of the incident to get all details for. Can be obtained from the id field in the Get Incidents Summary action response.
Sort Params | An array of JSON objects representing sorting criteria.

For example:
[
{
"sort": "desc",
"colId": "createdAt"
}
]
Start Row | The first row index to return results from.

Advanced Parameters

Parameter | Description
Confidence Filter | The confidence to filter results by.
Disposition | The disposition to filter results by.
End Time | The end time of the time range to filter by.
Source | The source type to filter results by.
Start Time | The start time of the time range to filter by.
Verdict | The verdict to filter results by.

Example Output

{
	"summary": {
		"id": "63b97d57-0af4-4835-8a3e-8d9fe3949786",
		"sid": 9114748,
		"createdAt": "2024-10-22T23:26:17.239+00:00",
		"updatedAt": "2024-10-22T23:26:24.844+00:00",
		"tenantId": "35873022-0c7d-4118-bca8-ad1eebc682cb",
		"displayId": 781,
		"state": "closed",
		"title": "Message Delivered to bob[@]tricorion[.]tk with link hxxps://theexcelclub[.]com/",
		"closedAt": "2024-10-22T23:26:24.844+00:00",
		"assignedTeamId": "a3672f71-fad5-46e1-a7d5-4d6c2a2b4521",
		"assignedTeamName": "Analyst",
		"falsePositiveCount": 0,
		"messageCount": 2,
		"messageSourceData": {
			"hasTapAlert": true,
			"hasAbuseAlert": false,
			"hasSmartSearchImport": false,
			"hasMessageCsvUpload": false
		}
	},
	"comments": [
		{
			"id": "e248ce9d-a1ed-41a1-a277-f6d3efd38ee8",
			"author": "Security Admin User",
			"comment": "This incident has been remediated.",
			"deleted": false,
			"author_id": "a8405822-c771-474c-9154-7d023c710764",
			"tenant_id": "35873022-0c7d-4118-bca8-ad1eebc682cb",
			"comment_id": "5e1bba31-3ce9-4d10-99e6-3644b128abe0",
			"created_at": "2024-11-26T20:51:44.427",
			"updated_at": "2024-11-26T20:51:44.427",
			"incident_id": "e6134e09-6d02-444e-b1a6-7f9d7fe72cc7",
			"activity_type": "comment_addition",
			"activity_details": {}
		}
	],
	"activities": [
		{
			"id": "b0bf87d9-99be-4d8d-8848-4fb9870549a3",
			"content": null,
			"tenant_id": "35873022-0c7d-4118-bca8-ad1eebc682cb",
			"cause_type": "history",
			"comment_id": null,
			"created_at": "2024-10-22T23:26:24.845",
			"updated_at": "2024-10-22T23:26:24.845",
			"incident_id": "63b97d57-0af4-4835-8a3e-8d9fe3949786",
			"occurred_at": "2024-10-22T23:26:24.845075",
			"activity_type": "state_change",
			"causing_api_key": null,
			"activity_details": {
				"new_state": "closed",
				"old_state": "open"
			},
			"causing_user_name": null,
			"causing_workflow_name": "Close Incident"
		}
	],
	"total": 2,
	"startRow": 0,
	"endRow": 200,
	"messages": [
		{
			"id": "768c0276-01eb-4e35-b0c3-f97fa9af6b95",
			"sid": 122547986,
			"createdAt": "2024-10-22T23:26:15.976+00:00",
			"updatedAt": "2024-11-26T15:43:28.015+00:00",
			"tenantId": "35873022-0c7d-4118-bca8-ad1eebc682cb",
			"emailId": "9129c5fd-ca52-47a1-b5c3-049ca7d31e4c",
			"messageId": "<DS7PR12MB62861B30D1A2B5714E5473F3AC4C2@DS7PR12MB6286.namprd12.prod.outlook.com>",
			"ppsGuid": "vMojOP7kQU8PdYJIBip0xGnkbo4Krl_j",
			"disposition": "malware",
			"emailSubject": "TDS test mail-3 - PL",
			"emailRecipientId": "768c0276-01eb-4e35-b0c3-f97fa9af6b95",
			"trapReceivedTime": "2024-10-22T23:26:15.976+00:00",
			"receivedAt": "2024-10-22T23:22:27.760+00:00",
			"remediationStatus": "mailbox_not_found",
			"quarantineStrategy": "forward_and_delete",
			"emailRecipientType": "to",
			"incidentId": "63b97d57-0af4-4835-8a3e-8d9fe3949786",
			"association": "sender_and_subject",
			"mimeContentPresent": false,
			"bodyPresent": false,
			"senderId": "6ba5a494-bedb-4aad-a2f3-a20b8e3887c0",
			"senderAddress": "bad_guy@nefariousdomain.com",
			"senderIp": "148.163.159.21",
			"recipientAddress": "bob@tricorion.tk",
			"lastKnownType": "unknown",
			"tapCleared": false,
			"vip": false,
			"vap": true,
			"reports": 0,
			"messageStatus": {
				"permitted_clicks": 0,
				"message_delivered": true
			},
			"sources": [
				{
					"type": "TapAlert"
				}
			],
			"abuseReporterRank": "not_a_reporter",
			"tapThreatTypes": [
				"delivered_url_threat"
			]
		}
	]
}

Workflow Library Example

Get All Incident Details with Proofpoint Threat Protection and Send Results Via Email