ActivityPub Viewer

A small tool to view real-world ActivityPub objects as JSON! Enter a URL or username from Mastodon or a similar service below, and we'll send a request with the right Accept header to the server to view the underlying object.

Open in browser →
{ "@context": [ "https://www.w3.org/ns/activitystreams", { "ostatus": "http://ostatus.org#", "atomUri": "ostatus:atomUri", "inReplyToAtomUri": "ostatus:inReplyToAtomUri", "conversation": "ostatus:conversation", "sensitive": "as:sensitive", "toot": "http://joinmastodon.org/ns#", "votersCount": "toot:votersCount", "litepub": "http://litepub.social/ns#", "directMessage": "litepub:directMessage", "Hashtag": "as:Hashtag" } ], "id": "https://infosec.exchange/users/ErikvanStraten/statuses/113366988322759951", "type": "Note", "summary": null, "inReplyTo": "https://cyberplace.social/users/GossiTheDog/statuses/113364491040478777", "published": "2024-10-25T07:56:01Z", "url": "https://infosec.exchange/@ErikvanStraten/113366988322759951", "attributedTo": "https://infosec.exchange/users/ErikvanStraten", "to": [ "https://www.w3.org/ns/activitystreams#Public" ], "cc": [ "https://infosec.exchange/users/ErikvanStraten/followers", "https://cyberplace.social/users/GossiTheDog" ], "sensitive": false, "atomUri": "https://infosec.exchange/users/ErikvanStraten/statuses/113366988322759951", "inReplyToAtomUri": "https://cyberplace.social/users/GossiTheDog/statuses/113364491040478777", "conversation": "tag:cyberplace.social,2024-02-21:objectId=21013272:objectType=Conversation", "content": "<p><span class=\"h-card\" translate=\"no\"><a href=\"https://cyberplace.social/@GossiTheDog\" class=\"u-url mention\">@<span>GossiTheDog</span></a></span> : it&#39;s not the lack of MFA that is the problem.</p><p>Problem 1) is that a SPOF (*) is permitted access to data of millions (either directly or indirectly). This risk includes compromise of client devices.</p><p>2) Weak MFA (+) does not prevent these attacks, because the SPOF may be phished into entering their credentials in a third party page that imitates the intended Citrix Netscaler.</p><p>Please do not promote a flawed fix for bad passwords (2019: <a href=\"https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/all-your-creds-are-belong-to-us/ba-p/855124\" target=\"_blank\" rel=\"nofollow noopener\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"ellipsis\">techcommunity.microsoft.com/t5</span><span class=\"invisible\">/microsoft-entra-azure-ad-blog/all-your-creds-are-belong-to-us/ba-p/855124</span></a>).</p><p>(*) Single Point Of Failure</p><p>(+) SMS, Voice, TOTP, Number Matchting, Location</p><p><a href=\"https://infosec.exchange/tags/AllYourCredsAreBelongToUs\" class=\"mention hashtag\" rel=\"tag\">#<span>AllYourCredsAreBelongToUs</span></a> <a href=\"https://infosec.exchange/tags/MFAHadFailed\" class=\"mention hashtag\" rel=\"tag\">#<span>MFAHadFailed</span></a> <a href=\"https://infosec.exchange/tags/AlexWeinert\" class=\"mention hashtag\" rel=\"tag\">#<span>AlexWeinert</span></a> <a href=\"https://infosec.exchange/tags/MFA\" class=\"mention hashtag\" rel=\"tag\">#<span>MFA</span></a> <a href=\"https://infosec.exchange/tags/2FA\" class=\"mention hashtag\" rel=\"tag\">#<span>2FA</span></a> <a href=\"https://infosec.exchange/tags/WeakMFA\" class=\"mention hashtag\" rel=\"tag\">#<span>WeakMFA</span></a> <a href=\"https://infosec.exchange/tags/NumberMatching\" class=\"mention hashtag\" rel=\"tag\">#<span>NumberMatching</span></a> <a href=\"https://infosec.exchange/tags/AlexWeinert\" class=\"mention hashtag\" rel=\"tag\">#<span>AlexWeinert</span></a> <a href=\"https://infosec.exchange/tags/Weinert\" class=\"mention hashtag\" rel=\"tag\">#<span>Weinert</span></a> <a href=\"https://infosec.exchange/tags/SMS\" class=\"mention hashtag\" rel=\"tag\">#<span>SMS</span></a> <a href=\"https://infosec.exchange/tags/TOTP\" class=\"mention hashtag\" rel=\"tag\">#<span>TOTP</span></a> <a href=\"https://infosec.exchange/tags/EvilGinx2\" class=\"mention hashtag\" rel=\"tag\">#<span>EvilGinx2</span></a> <a href=\"https://infosec.exchange/tags/EvilProxy\" class=\"mention hashtag\" rel=\"tag\">#<span>EvilProxy</span></a> <a href=\"https://infosec.exchange/tags/PhaaS\" class=\"mention hashtag\" rel=\"tag\">#<span>PhaaS</span></a></p>", "contentMap": { "en": "<p><span class=\"h-card\" translate=\"no\"><a href=\"https://cyberplace.social/@GossiTheDog\" class=\"u-url mention\">@<span>GossiTheDog</span></a></span> : it&#39;s not the lack of MFA that is the problem.</p><p>Problem 1) is that a SPOF (*) is permitted access to data of millions (either directly or indirectly). This risk includes compromise of client devices.</p><p>2) Weak MFA (+) does not prevent these attacks, because the SPOF may be phished into entering their credentials in a third party page that imitates the intended Citrix Netscaler.</p><p>Please do not promote a flawed fix for bad passwords (2019: <a href=\"https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/all-your-creds-are-belong-to-us/ba-p/855124\" target=\"_blank\" rel=\"nofollow noopener\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"ellipsis\">techcommunity.microsoft.com/t5</span><span class=\"invisible\">/microsoft-entra-azure-ad-blog/all-your-creds-are-belong-to-us/ba-p/855124</span></a>).</p><p>(*) Single Point Of Failure</p><p>(+) SMS, Voice, TOTP, Number Matchting, Location</p><p><a href=\"https://infosec.exchange/tags/AllYourCredsAreBelongToUs\" class=\"mention hashtag\" rel=\"tag\">#<span>AllYourCredsAreBelongToUs</span></a> <a href=\"https://infosec.exchange/tags/MFAHadFailed\" class=\"mention hashtag\" rel=\"tag\">#<span>MFAHadFailed</span></a> <a href=\"https://infosec.exchange/tags/AlexWeinert\" class=\"mention hashtag\" rel=\"tag\">#<span>AlexWeinert</span></a> <a href=\"https://infosec.exchange/tags/MFA\" class=\"mention hashtag\" rel=\"tag\">#<span>MFA</span></a> <a href=\"https://infosec.exchange/tags/2FA\" class=\"mention hashtag\" rel=\"tag\">#<span>2FA</span></a> <a href=\"https://infosec.exchange/tags/WeakMFA\" class=\"mention hashtag\" rel=\"tag\">#<span>WeakMFA</span></a> <a href=\"https://infosec.exchange/tags/NumberMatching\" class=\"mention hashtag\" rel=\"tag\">#<span>NumberMatching</span></a> <a href=\"https://infosec.exchange/tags/AlexWeinert\" class=\"mention hashtag\" rel=\"tag\">#<span>AlexWeinert</span></a> <a href=\"https://infosec.exchange/tags/Weinert\" class=\"mention hashtag\" rel=\"tag\">#<span>Weinert</span></a> <a href=\"https://infosec.exchange/tags/SMS\" class=\"mention hashtag\" rel=\"tag\">#<span>SMS</span></a> <a href=\"https://infosec.exchange/tags/TOTP\" class=\"mention hashtag\" rel=\"tag\">#<span>TOTP</span></a> <a href=\"https://infosec.exchange/tags/EvilGinx2\" class=\"mention hashtag\" rel=\"tag\">#<span>EvilGinx2</span></a> <a href=\"https://infosec.exchange/tags/EvilProxy\" class=\"mention hashtag\" rel=\"tag\">#<span>EvilProxy</span></a> <a href=\"https://infosec.exchange/tags/PhaaS\" class=\"mention hashtag\" rel=\"tag\">#<span>PhaaS</span></a></p>" }, "attachment": [], "tag": [ { "type": "Mention", "href": "https://cyberplace.social/users/GossiTheDog", "name": "@GossiTheDog@cyberplace.social" }, { "type": "Hashtag", "href": "https://infosec.exchange/tags/allyourcredsarebelongtous", "name": "#allyourcredsarebelongtous" }, { "type": "Hashtag", "href": "https://infosec.exchange/tags/mfahadfailed", "name": "#mfahadfailed" }, { "type": "Hashtag", "href": "https://infosec.exchange/tags/alexweinert", "name": "#alexweinert" }, { "type": "Hashtag", "href": "https://infosec.exchange/tags/mfa", "name": "#mfa" }, { "type": "Hashtag", "href": "https://infosec.exchange/tags/2fa", "name": "#2fa" }, { "type": "Hashtag", "href": "https://infosec.exchange/tags/weakmfa", "name": "#weakmfa" }, { "type": "Hashtag", "href": "https://infosec.exchange/tags/numbermatching", "name": "#numbermatching" }, { "type": "Hashtag", "href": "https://infosec.exchange/tags/weinert", "name": "#weinert" }, { "type": "Hashtag", "href": "https://infosec.exchange/tags/sms", "name": "#sms" }, { "type": "Hashtag", "href": "https://infosec.exchange/tags/totp", "name": "#totp" }, { "type": "Hashtag", "href": "https://infosec.exchange/tags/Evilginx2", "name": "#Evilginx2" }, { "type": "Hashtag", "href": "https://infosec.exchange/tags/evilproxy", "name": "#evilproxy" }, { "type": "Hashtag", "href": "https://infosec.exchange/tags/phaas", "name": "#phaas" } ], "replies": { "id": "https://infosec.exchange/users/ErikvanStraten/statuses/113366988322759951/replies", "type": "Collection", "first": { "type": "CollectionPage", "next": "https://infosec.exchange/users/ErikvanStraten/statuses/113366988322759951/replies?only_other_accounts=true&page=true", "partOf": "https://infosec.exchange/users/ErikvanStraten/statuses/113366988322759951/replies", "items": [] } }, "likes": { "id": "https://infosec.exchange/users/ErikvanStraten/statuses/113366988322759951/likes", "type": "Collection", "totalItems": 0 }, "shares": { "id": "https://infosec.exchange/users/ErikvanStraten/statuses/113366988322759951/shares", "type": "Collection", "totalItems": 0 } }