Event JSON
{
"id": "2ba10497340ab873632f6689418ca0e01944a4a302fc2bed70ff8f7dc31d47ba",
"pubkey": "bbf233debd45328b8bda2bce341cbf258d1f2337e6f31006d0c1b2f29088bd35",
"created_at": 1695915553,
"kind": 1,
"tags": [
[
"p",
"f7d0478e54eaa6e0cc98adf81d712148bce169a2c21b1c0f7a4ed446c6adc09e",
"wss://relay.mostr.pub"
],
[
"p",
"f6870afcde4480ec8508f50304859e14a51309ff24ab3f0f862c52bdc4af8747",
"wss://relay.mostr.pub"
],
[
"e",
"7912ed2c4f1173505622350c997f41f208f8302838dee99b21d2188ab5c10a25",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://infosec.exchange/users/chort/statuses/111143521714379320",
"activitypub"
]
],
"content": "nostr:npub17lgy0rj5a2nwpnyc4hup6ufpfz7wz6dzcgd3crm6fm2yd34dcz0qlk9uux I don’t have all the context, but session token theft doesn’t necessarily mean they interacted with a phishing website. Could have been endpoint malware that stole it from browser.",
"sig": "47163dc4b79f3369df4ac1b232defc117dfbe2ede01d437049b52b0e3a416dd2ac8b2a581d917290aa756b1e161e98d573068679dfce7abd81b309c37c706137"
}
