A small tool to view real-world ActivityPub objects as JSON! Enter a URL
or username from Mastodon or a similar service below, and we'll send a
request with
the right
Accept
header
to the server to view the underlying object.
{
"@context": [
"https://www.w3.org/ns/activitystreams",
{
"ostatus": "http://ostatus.org#",
"atomUri": "ostatus:atomUri",
"inReplyToAtomUri": "ostatus:inReplyToAtomUri",
"conversation": "ostatus:conversation",
"sensitive": "as:sensitive",
"toot": "http://joinmastodon.org/ns#",
"votersCount": "toot:votersCount",
"litepub": "http://litepub.social/ns#",
"directMessage": "litepub:directMessage",
"blurhash": "toot:blurhash",
"focalPoint": {
"@container": "@list",
"@id": "toot:focalPoint"
},
"Hashtag": "as:Hashtag"
}
],
"id": "https://infosec.exchange/users/knitcode/statuses/114066695083397042",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2025-02-25T21:40:39Z",
"url": "https://infosec.exchange/@knitcode/114066695083397042",
"attributedTo": "https://infosec.exchange/users/knitcode",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/knitcode/followers"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/knitcode/statuses/114066695083397042",
"inReplyToAtomUri": null,
"conversation": "tag:infosec.exchange,2025-02-25:objectId=245425660:objectType=Conversation",
"content": "<p>Toll scam with two link shorteners and cloaked domain in my phone this morning. Here is some intel:</p><p>* Group message on Google Fi after which the sender removed me from the group, so i can't reply or check users</p><p>* First link is a BitLy link which redirects to </p><p>* Twitter links which redirects to </p><p>* cloaked domain (simple TDS / "checker") which leads to </p><p>* fake EZ Pay or Google Search page (if you fail the check) </p><p>* threat actor protected by CloudFlare </p><p>hxxps://bit[.]ly/4idHmjw?pPQ=SAgNTz2AU4 ---><br />hxxps://t[.]co/m0THsqXnQv --> <br />q6pwm[.]party (cloaked / TDS) </p><p><a href=\"https://infosec.exchange/tags/dns\" class=\"mention hashtag\" rel=\"tag\">#<span>dns</span></a> <a href=\"https://infosec.exchange/tags/threatintel\" class=\"mention hashtag\" rel=\"tag\">#<span>threatintel</span></a> <a href=\"https://infosec.exchange/tags/cybercrime\" class=\"mention hashtag\" rel=\"tag\">#<span>cybercrime</span></a> <a href=\"https://infosec.exchange/tags/cybersecurity\" class=\"mention hashtag\" rel=\"tag\">#<span>cybersecurity</span></a> <a href=\"https://infosec.exchange/tags/infosec\" class=\"mention hashtag\" rel=\"tag\">#<span>infosec</span></a> <a href=\"https://infosec.exchange/tags/scam\" class=\"mention hashtag\" rel=\"tag\">#<span>scam</span></a> <a href=\"https://infosec.exchange/tags/tds\" class=\"mention hashtag\" rel=\"tag\">#<span>tds</span></a><br /><a href=\"https://infosec.exchange/tags/infoblox\" class=\"mention hashtag\" rel=\"tag\">#<span>infoblox</span></a></p>",
"contentMap": {
"en": "<p>Toll scam with two link shorteners and cloaked domain in my phone this morning. Here is some intel:</p><p>* Group message on Google Fi after which the sender removed me from the group, so i can't reply or check users</p><p>* First link is a BitLy link which redirects to </p><p>* Twitter links which redirects to </p><p>* cloaked domain (simple TDS / "checker") which leads to </p><p>* fake EZ Pay or Google Search page (if you fail the check) </p><p>* threat actor protected by CloudFlare </p><p>hxxps://bit[.]ly/4idHmjw?pPQ=SAgNTz2AU4 ---><br />hxxps://t[.]co/m0THsqXnQv --> <br />q6pwm[.]party (cloaked / TDS) </p><p><a href=\"https://infosec.exchange/tags/dns\" class=\"mention hashtag\" rel=\"tag\">#<span>dns</span></a> <a href=\"https://infosec.exchange/tags/threatintel\" class=\"mention hashtag\" rel=\"tag\">#<span>threatintel</span></a> <a href=\"https://infosec.exchange/tags/cybercrime\" class=\"mention hashtag\" rel=\"tag\">#<span>cybercrime</span></a> <a href=\"https://infosec.exchange/tags/cybersecurity\" class=\"mention hashtag\" rel=\"tag\">#<span>cybersecurity</span></a> <a href=\"https://infosec.exchange/tags/infosec\" class=\"mention hashtag\" rel=\"tag\">#<span>infosec</span></a> <a href=\"https://infosec.exchange/tags/scam\" class=\"mention hashtag\" rel=\"tag\">#<span>scam</span></a> <a href=\"https://infosec.exchange/tags/tds\" class=\"mention hashtag\" rel=\"tag\">#<span>tds</span></a><br /><a href=\"https://infosec.exchange/tags/infoblox\" class=\"mention hashtag\" rel=\"tag\">#<span>infoblox</span></a></p>"
},
"attachment": [
{
"type": "Document",
"mediaType": "image/jpeg",
"url": "https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/066/692/244/946/289/original/bbf1811e03c9825f.jpg",
"name": null,
"blurhash": "U~OM~Qjrjwa~01j[axayIJa$fNj=s~j[j^fR",
"width": 1013,
"height": 1800
},
{
"type": "Document",
"mediaType": "image/jpeg",
"url": "https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/066/692/246/114/013/original/6249eda35657ca3c.jpg",
"name": null,
"blurhash": "U?PGaDayj[j[01j[ayay9FofayayM{fjj[ay",
"width": 1013,
"height": 1800
},
{
"type": "Document",
"mediaType": "image/jpeg",
"url": "https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/066/692/247/975/113/original/7f93a2491042e148.jpg",
"name": null,
"blurhash": "U48XC4?H00s,~qo#Rjs+4oM}%MWBD$sl%MR-",
"width": 810,
"height": 1800
},
{
"type": "Document",
"mediaType": "image/jpeg",
"url": "https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/066/692/248/491/660/original/fbeb3c62fba39236.jpg",
"name": null,
"blurhash": "U69H2|-=4Tn$Rjs:xuRkD*e-t8afoKjut7oJ",
"width": 810,
"height": 1800
}
],
"tag": [
{
"type": "Hashtag",
"href": "https://infosec.exchange/tags/dns",
"name": "#dns"
},
{
"type": "Hashtag",
"href": "https://infosec.exchange/tags/threatintel",
"name": "#threatintel"
},
{
"type": "Hashtag",
"href": "https://infosec.exchange/tags/cybercrime",
"name": "#cybercrime"
},
{
"type": "Hashtag",
"href": "https://infosec.exchange/tags/cybersecurity",
"name": "#cybersecurity"
},
{
"type": "Hashtag",
"href": "https://infosec.exchange/tags/infosec",
"name": "#infosec"
},
{
"type": "Hashtag",
"href": "https://infosec.exchange/tags/scam",
"name": "#scam"
},
{
"type": "Hashtag",
"href": "https://infosec.exchange/tags/tds",
"name": "#tds"
},
{
"type": "Hashtag",
"href": "https://infosec.exchange/tags/infoblox",
"name": "#infoblox"
}
],
"replies": {
"id": "https://infosec.exchange/users/knitcode/statuses/114066695083397042/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/knitcode/statuses/114066695083397042/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/knitcode/statuses/114066695083397042/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/knitcode/statuses/114066695083397042/likes",
"type": "Collection",
"totalItems": 1
},
"shares": {
"id": "https://infosec.exchange/users/knitcode/statuses/114066695083397042/shares",
"type": "Collection",
"totalItems": 2
}
}