ActivityPub Viewer

A small tool to view real-world ActivityPub objects as JSON! Enter a URL or username from Mastodon or a similar service below, and we'll send a request with the right Accept header to the server to view the underlying object.

Open in browser →
{ "@context": [ "https://www.w3.org/ns/activitystreams", { "ostatus": "http://ostatus.org#", "atomUri": "ostatus:atomUri", "inReplyToAtomUri": "ostatus:inReplyToAtomUri", "conversation": "ostatus:conversation", "sensitive": "as:sensitive", "toot": "http://joinmastodon.org/ns#", "votersCount": "toot:votersCount", "blurhash": "toot:blurhash", "focalPoint": { "@container": "@list", "@id": "toot:focalPoint" }, "Hashtag": "as:Hashtag" } ], "id": "https://nerdculture.de/users/Olly42/statuses/113963749100519598", "type": "Note", "summary": null, "inReplyTo": null, "published": "2025-02-07T17:20:08Z", "url": "https://nerdculture.de/@Olly42/113963749100519598", "attributedTo": "https://nerdculture.de/users/Olly42", "to": [ "https://www.w3.org/ns/activitystreams#Public" ], "cc": [ "https://nerdculture.de/users/Olly42/followers" ], "sensitive": false, "atomUri": "https://nerdculture.de/users/Olly42/statuses/113963749100519598", "inReplyToAtomUri": null, "conversation": "tag:nerdculture.de,2025-02-07:objectId=163187831:objectType=Conversation", "content": "<p>Developers targeted with Malware disguised as DeepSeek Package.</p><p>Threat actors are taking advantage of the rise in popularity of DeepSeek to promote two malicious infostealer packages on the Python Package Index, where they impersonated developer tools for the AI platform.</p><p><a href=\"https://global.ptsecurity.com/analytics/pt-esc-threat-intelligence/malicious-packages-deepseeek-and-deepseekai-published-in-python-package-index\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"ellipsis\">global.ptsecurity.com/analytic</span><span class=\"invisible\">s/pt-esc-threat-intelligence/malicious-packages-deepseeek-and-deepseekai-published-in-python-package-index</span></a></p><p><a href=\"https://nerdculture.de/tags/deepseek\" class=\"mention hashtag\" rel=\"tag\">#<span>deepseek</span></a> <a href=\"https://nerdculture.de/tags/llm\" class=\"mention hashtag\" rel=\"tag\">#<span>llm</span></a> <a href=\"https://nerdculture.de/tags/it\" class=\"mention hashtag\" rel=\"tag\">#<span>it</span></a> <a href=\"https://nerdculture.de/tags/security\" class=\"mention hashtag\" rel=\"tag\">#<span>security</span></a> <a href=\"https://nerdculture.de/tags/privacy\" class=\"mention hashtag\" rel=\"tag\">#<span>privacy</span></a> <a href=\"https://nerdculture.de/tags/engineer\" class=\"mention hashtag\" rel=\"tag\">#<span>engineer</span></a> <a href=\"https://nerdculture.de/tags/media\" class=\"mention hashtag\" rel=\"tag\">#<span>media</span></a> <a href=\"https://nerdculture.de/tags/developer\" class=\"mention hashtag\" rel=\"tag\">#<span>developer</span></a> <a href=\"https://nerdculture.de/tags/tech\" class=\"mention hashtag\" rel=\"tag\">#<span>tech</span></a> <a href=\"https://nerdculture.de/tags/news\" class=\"mention hashtag\" rel=\"tag\">#<span>news</span></a></p>", "contentMap": { "en": "<p>Developers targeted with Malware disguised as DeepSeek Package.</p><p>Threat actors are taking advantage of the rise in popularity of DeepSeek to promote two malicious infostealer packages on the Python Package Index, where they impersonated developer tools for the AI platform.</p><p><a href=\"https://global.ptsecurity.com/analytics/pt-esc-threat-intelligence/malicious-packages-deepseeek-and-deepseekai-published-in-python-package-index\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"ellipsis\">global.ptsecurity.com/analytic</span><span class=\"invisible\">s/pt-esc-threat-intelligence/malicious-packages-deepseeek-and-deepseekai-published-in-python-package-index</span></a></p><p><a href=\"https://nerdculture.de/tags/deepseek\" class=\"mention hashtag\" rel=\"tag\">#<span>deepseek</span></a> <a href=\"https://nerdculture.de/tags/llm\" class=\"mention hashtag\" rel=\"tag\">#<span>llm</span></a> <a href=\"https://nerdculture.de/tags/it\" class=\"mention hashtag\" rel=\"tag\">#<span>it</span></a> <a href=\"https://nerdculture.de/tags/security\" class=\"mention hashtag\" rel=\"tag\">#<span>security</span></a> <a href=\"https://nerdculture.de/tags/privacy\" class=\"mention hashtag\" rel=\"tag\">#<span>privacy</span></a> <a href=\"https://nerdculture.de/tags/engineer\" class=\"mention hashtag\" rel=\"tag\">#<span>engineer</span></a> <a href=\"https://nerdculture.de/tags/media\" class=\"mention hashtag\" rel=\"tag\">#<span>media</span></a> <a href=\"https://nerdculture.de/tags/developer\" class=\"mention hashtag\" rel=\"tag\">#<span>developer</span></a> <a href=\"https://nerdculture.de/tags/tech\" class=\"mention hashtag\" rel=\"tag\">#<span>tech</span></a> <a href=\"https://nerdculture.de/tags/news\" class=\"mention hashtag\" rel=\"tag\">#<span>news</span></a></p>" }, "attachment": [ { "type": "Document", "mediaType": "video/mp4", "url": "https://nerdculture.de/system/media_attachments/files/113/963/683/640/219/980/original/dde98eac0b86c885.mp4", "name": "The packages were named \"deepseeek\" and \"deepseekai\" after the Chinese artificial intelligence startup, developer of the R1 large-language model that recently saw a meteoric surge in popularity.\n\nAccording to Positive Technologies researchers who discovered the campaign and reported it to PyPI, the packages posing as Python clients for DeepSeek AI were infostealers that stole data from developers who utilized them.\n\nOnce executed on the developer's machine, the malicious payload stole user and system data as well as environment variables such as API keys, database credentials and infrastructure access tokens.", "blurhash": "UM9QBbk?W=a{1Pf,n~ae^Kf6WBjs9}kCofj[", "focalPoint": [ -0.010071942446043453, -1 ], "width": 352, "height": 548 }, { "type": "Document", "mediaType": "image/png", "url": "https://nerdculture.de/system/media_attachments/files/113/963/687/409/845/888/original/26ce13670f89cd53.png", "name": "[ImageSource: Positive Technologies]\n\nThe malicious packages, deepseeek 0.0.8 and deepseekai 0.0.8 were uploaded to PyPI on January 29, 2025, with only twenty minutes between them.\n\nPositive Technologies quickly discovered and reported them to PyPI, which quarantined and blocked downloads of the packages, followed by their complete deletion from the platform.\n\nDespite the quick detection and response, 222 developers downloaded the two packages, most from the United States (117), followed by China (36), Russia, Germany, Hong Kong and Canada. Those developers who utilized these packages should immediately rotate their API keys, authentication tokens and passwords, as they may now be compromised.", "blurhash": "UjQ0gkNHflog0LWXj@az4:j]oIf6D+j]odj?", "focalPoint": [ -1, 1 ], "width": 1280, "height": 1114 }, { "type": "Document", "mediaType": "image/png", "url": "https://nerdculture.de/system/media_attachments/files/113/963/688/343/436/642/original/9a479c6c50735793.png", "name": "[ImageSource: Positive Technologies]\n\nMalicious payload contained in both packages.\n\nThe stolen information was exfiltrated to a command and control (C2) server at eoyyiyqubj7mquj.m.pipedream[.]net using Pipedream, a legitimate automation platform. Threat actors could use this stolen information to access cloud services, databases and other protected resources utilized by the developer.\n\n\"Functions used in these packages are designed to collect user and computer data and steal environment variables\", reads the Positive Technologies report. \"The payload is executed when the user runs the commands deepseeek or deepseekai (depending on the package) in the command-line interface.\"\n\n\"Environment variables often contain sensitive data required for applications to run, for example, API keys for the S3 storage service, database credentials, and permissions to access other infrastructure resources.\"", "blurhash": "U4Rfd[9Fs?_3~qR%IURl_3IpD%M{-;R*xuWU", "focalPoint": [ -1, 1 ], "width": 1280, "height": 876 } ], "tag": [ { "type": "Hashtag", "href": "https://nerdculture.de/tags/deepseek", "name": "#deepseek" }, { "type": "Hashtag", "href": "https://nerdculture.de/tags/llm", "name": "#llm" }, { "type": "Hashtag", "href": "https://nerdculture.de/tags/it", "name": "#it" }, { "type": "Hashtag", "href": "https://nerdculture.de/tags/security", "name": "#security" }, { "type": "Hashtag", "href": "https://nerdculture.de/tags/privacy", "name": "#privacy" }, { "type": "Hashtag", "href": "https://nerdculture.de/tags/engineer", "name": "#engineer" }, { "type": "Hashtag", "href": "https://nerdculture.de/tags/media", "name": "#media" }, { "type": "Hashtag", "href": "https://nerdculture.de/tags/developer", "name": "#developer" }, { "type": "Hashtag", "href": "https://nerdculture.de/tags/tech", "name": "#tech" }, { "type": "Hashtag", "href": "https://nerdculture.de/tags/news", "name": "#news" } ], "replies": { "id": "https://nerdculture.de/users/Olly42/statuses/113963749100519598/replies", "type": "Collection", "first": { "type": "CollectionPage", "next": "https://nerdculture.de/users/Olly42/statuses/113963749100519598/replies?only_other_accounts=true&page=true", "partOf": "https://nerdculture.de/users/Olly42/statuses/113963749100519598/replies", "items": [] } }, "likes": { "id": "https://nerdculture.de/users/Olly42/statuses/113963749100519598/likes", "type": "Collection", "totalItems": 0 }, "shares": { "id": "https://nerdculture.de/users/Olly42/statuses/113963749100519598/shares", "type": "Collection", "totalItems": 5 } }