mirror of https://github.com/zulip/zulip.git
41 lines
847 B
JSON
41 lines
847 B
JSON
{
|
|
"Token": "dbwx4d68flwh2u5zku56nogu6",
|
|
"Intro": "A MS Word .docx Document Canarytoken has been triggered over doc-msword by the source IP 1.1.1.1.",
|
|
"Description": "MS Word .docx Document",
|
|
"Triggered": 5,
|
|
"AdditionalDetails": [
|
|
[
|
|
"Accept",
|
|
"*/*"
|
|
],
|
|
[
|
|
"Accept-Encoding",
|
|
"gzip, deflate"
|
|
],
|
|
[
|
|
"Accept-Language",
|
|
"en-gb"
|
|
],
|
|
[
|
|
"Background Context",
|
|
"You have had 21 incidents from 1.1.1.1 previously."
|
|
],
|
|
[
|
|
"Connection",
|
|
"keep-alive"
|
|
],
|
|
[
|
|
"Dst Port",
|
|
80
|
|
],
|
|
[
|
|
"User-Agent",
|
|
"Mozilla/4.0 (compatible; ms-office; MSOffice 16)"
|
|
]
|
|
],
|
|
"Timestamp": "2020-07-20 14:40:15 (UTC)",
|
|
"Reminder": "test document",
|
|
"IncidentHash": "db6f9b5528c6c6c385cb3bb63f5949c8",
|
|
"AlertType": "CanarytokenIncident"
|
|
}
|