urlscan.io logo urlscan.io
SecurityTrails logo

lobste.rs Open in urlscan Pro
2604:a880:400:d0::1dc9:f001  Public Scan

Go To Rescan Add Verdict Report
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Submission Tags: falconsandbox
Submission: On May 12 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 2604:a880:400:d0::1dc9:f001, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is lobste.rs.
TLS certificate: Issued by R3 on May 4th 2021. Valid for: 3 months.
This is the only time lobste.rs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2604:a880:400... 14061 (DIGITALOC...)
14 2
Apex Domain
Subdomains		 Transfer
14 lobste.rs
lobste.rs
31 KB
14 1
Domain Requested by
14 lobste.rs lobste.rs
14 1

This site contains links to these domains. Also see Links.

Domain
paragonie.com
archive.md
php.net
github.com
datatracker.ietf.org
tools.ietf.org
Subject Issuer Validity Valid
lobste.rs
R3		 2021-05-04 -
2021-08-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Frame ID: 32FC8A7FCE4E1617DCEEBFA40EDEB218
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

31 kB
Transfer

88 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request jwt_is_bad_standard_everyone_should_avoid
lobste.rs/s/r4lv76/ 		35 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a221398aba2145065ba4a0714a2fdab8d80a8c4a5a58f9430c5d9ad78c743f72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
lobste.rs
:scheme
https
:path
/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Wed, 12 May 2021 20:21:00 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
etag
W/"a221398aba2145065ba4a0714a2fdab8"
cache-control
max-age=0, private, must-revalidate
content-security-policy-report-only
default-src 'none'; connect-src 'self'; font-src 'self' https: data:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'; report-uri /csp-violation-report
set-cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D; path=/; expires=Sat, 12 Jun 2021 20:21:00 GMT; secure; HttpOnly
x-request-id
a858b450-b05c-4d74-a4e7-18d1ea25b1fe
x-runtime
0.572862
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
application-93e233d985f3bccedb12c2d60fa4d4d01e0e0f71e2c7ac6fb4e0922ffe67a12c.css
lobste.rs/assets/ 		45 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lobste.rs/assets/application-93e233d985f3bccedb12c2d60fa4d4d01e0e0f71e2c7ac6fb4e0922ffe67a12c.css
Requested by
Host: lobste.rs
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
93e233d985f3bccedb12c2d60fa4d4d01e0e0f71e2c7ac6fb4e0922ffe67a12c

Request headers

:path
/assets/application-93e233d985f3bccedb12c2d60fa4d4d01e0e0f71e2c7ac6fb4e0922ffe67a12c.css
pragma
no-cache
cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
lobste.rs
referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:21:00 GMT
content-encoding
gzip
last-modified
Sat, 02 Jan 2021 04:09:25 GMT
server
nginx
etag
"5feff1f5-2e36"
content-type
text/css
cache-control
max-age=315360000 public
content-length
11830
expires
Thu, 31 Dec 2037 23:55:55 GMT
av-16.png
lobste.rs/avatars/ 		891 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lobste.rs/avatars/av-16.png
Requested by
Host: lobste.rs
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
35d39c54946c5db6e92344f44729ac3c029e130ed011e7367e4dbf215a614248

Request headers

:path
/avatars/av-16.png
pragma
no-cache
cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lobste.rs
referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:21:00 GMT
last-modified
Mon, 04 Jan 2021 02:31:16 GMT
server
nginx
etag
"5ff27df4-37b"
content-type
image/png
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
891
expires
Thu, 31 Dec 2037 23:55:55 GMT
tptacek-16.png
lobste.rs/avatars/ 		429 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lobste.rs/avatars/tptacek-16.png
Requested by
Host: lobste.rs
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
8ddb4d132b96cfa5903ac9416713a088b85b719a7895d1a12bad54e2784058f9

Request headers

:path
/avatars/tptacek-16.png
pragma
no-cache
cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lobste.rs
referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:21:00 GMT
last-modified
Mon, 04 Jan 2021 03:38:41 GMT
server
nginx
etag
"5ff28dc1-1ad"
content-type
image/png
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
429
expires
Thu, 31 Dec 2037 23:55:55 GMT
frankzinger-16.png
lobste.rs/avatars/ 		597 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lobste.rs/avatars/frankzinger-16.png
Requested by
Host: lobste.rs
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1196e2acbcaab855353e7b1489591a2496db2008d4455adde771da8ec8d057b4

Request headers

:path
/avatars/frankzinger-16.png
pragma
no-cache
cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lobste.rs
referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:21:00 GMT
last-modified
Mon, 04 Jan 2021 17:47:59 GMT
server
nginx
etag
"5ff354cf-255"
content-type
image/png
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
597
expires
Thu, 31 Dec 2037 23:55:55 GMT
sarciszewski-16.png
lobste.rs/avatars/ 		829 B
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lobste.rs/avatars/sarciszewski-16.png
Requested by
Host: lobste.rs
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
62d0f013ac47801a7e05c27dd52eb06393c2237125d069512b1da040e539d431

Request headers

:path
/avatars/sarciszewski-16.png
pragma
no-cache
cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lobste.rs
referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:21:00 GMT
last-modified
Mon, 04 Jan 2021 09:05:58 GMT
server
nginx
etag
"5ff2da76-33d"
content-type
image/png
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
829
expires
Thu, 31 Dec 2037 23:55:55 GMT
hobbified-16.png
lobste.rs/avatars/ 		867 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lobste.rs/avatars/hobbified-16.png
Requested by
Host: lobste.rs
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c5566fbfcab0ac6665b1863f1e1e26ac63f05d5b34c0ea97d6215b4604a8e42b

Request headers

:path
/avatars/hobbified-16.png
pragma
no-cache
cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lobste.rs
referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:21:00 GMT
last-modified
Mon, 04 Jan 2021 02:12:29 GMT
server
nginx
etag
"5ff2798d-363"
content-type
image/png
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
867
expires
Thu, 31 Dec 2037 23:55:55 GMT
lsb-16.png
lobste.rs/avatars/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lobste.rs/avatars/lsb-16.png
Requested by
Host: lobste.rs
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9237f11224a805fbfed455df32af7970bfb8d26c2a0a016db6651b600f642262

Request headers

:path
/avatars/lsb-16.png
pragma
no-cache
cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lobste.rs
referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:21:00 GMT
last-modified
Mon, 04 Jan 2021 03:38:41 GMT
server
nginx
etag
"5ff28dc1-344"
content-type
image/png
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
836
expires
Thu, 31 Dec 2037 23:55:55 GMT
fkooman-16.png
lobste.rs/avatars/ 		586 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lobste.rs/avatars/fkooman-16.png
Requested by
Host: lobste.rs
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ba58e11b0b76c69257ade0ea8eb83d1acb0673db03d7386f92dd67204face4b5

Request headers

:path
/avatars/fkooman-16.png
pragma
no-cache
cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lobste.rs
referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:21:00 GMT
last-modified
Mon, 04 Jan 2021 00:15:55 GMT
server
nginx
etag
"5ff25e3b-24a"
content-type
image/png
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
586
expires
Thu, 31 Dec 2037 23:55:55 GMT
Zamicol-16.png
lobste.rs/avatars/ 		796 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lobste.rs/avatars/Zamicol-16.png
Requested by
Host: lobste.rs
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
77883a313a17f1bd9b31b5d7305de19275381dd5d7aa9df4ac1aedac3942321d

Request headers

:path
/avatars/Zamicol-16.png
pragma
no-cache
cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lobste.rs
referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:21:00 GMT
last-modified
Mon, 04 Jan 2021 19:11:15 GMT
server
nginx
etag
"5ff36853-31c"
content-type
image/png
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
796
expires
Thu, 31 Dec 2037 23:55:55 GMT
JohnCarter-16.png
lobste.rs/avatars/ 		377 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lobste.rs/avatars/JohnCarter-16.png
Requested by
Host: lobste.rs
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e8bba62ca07cf24c2195fb0fb92a1fbf8b1c58170bdeaf8d89690c266e23a6bd

Request headers

:path
/avatars/JohnCarter-16.png
pragma
no-cache
cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lobste.rs
referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:21:00 GMT
last-modified
Mon, 04 Jan 2021 01:38:10 GMT
server
nginx
etag
"5ff27182-179"
content-type
image/png
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
377
expires
Thu, 31 Dec 2037 23:55:55 GMT
tedu-16.png
lobste.rs/avatars/ 		395 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lobste.rs/avatars/tedu-16.png
Requested by
Host: lobste.rs
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4420b0832600bce914bb7916771dccee40a1742ce60997e600dff8b887985a5f

Request headers

:path
/avatars/tedu-16.png
pragma
no-cache
cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lobste.rs
referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:21:00 GMT
last-modified
Mon, 04 Jan 2021 02:16:38 GMT
server
nginx
etag
"5ff27a86-18b"
content-type
image/png
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
395
expires
Thu, 31 Dec 2037 23:55:55 GMT
qbit-16.png
lobste.rs/avatars/ 		759 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lobste.rs/avatars/qbit-16.png
Requested by
Host: lobste.rs
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0c1652396dd89baa0e14fed61c76e89a6c4fc1dfa135f056fe10285cec715cca

Request headers

:path
/avatars/qbit-16.png
pragma
no-cache
cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lobste.rs
referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:21:00 GMT
last-modified
Mon, 08 Mar 2021 03:08:33 GMT
server
nginx
etag
"60459531-2f7"
content-type
image/png
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
759
expires
Thu, 31 Dec 2037 23:55:55 GMT
inactive-user-16.png
lobste.rs/avatars/ 		639 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lobste.rs/avatars/inactive-user-16.png
Requested by
Host: lobste.rs
URL: https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2604:a880:400:d0::1dc9:f001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b488c75d76ac8d59f9f96880b7e68c0620e6156842e7570f6676aeda976c67c7

Request headers

:path
/avatars/inactive-user-16.png
pragma
no-cache
cookie
lobster_trap=eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lobste.rs
referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lobste.rs/s/r4lv76/jwt_is_bad_standard_everyone_should_avoid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:21:00 GMT
last-modified
Mon, 04 Jan 2021 00:13:58 GMT
server
nginx
etag
"5ff25dc6-27f"
content-type
image/png
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
639
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		268 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
175ad44535d0c94ec01723f12fbc13fdce1ffaab9448a5b1ce7d24827715d48d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated

1 Cookies

Domain/Path Name / Value
lobste.rs/ Name: lobster_trap
Value: eRuqrEG7R5sD%2BYrKcWxIPj7bN1XcHmqUWKTh2BGGQr%2FSHB1Er%2FtIPHjE6EBAT%2BDwVHjaDHQ%2BFQNvekkZpUvOY2OQJ0Yos%2FGNKN5lTsuH6mLLkKECT17fDoC3oFc56H%2FN4L7trOaSsi74kiPsIJM1l6Q2FGtUxvj44UMCY%2FtKzQ7Kv5B08ynwEXg5Prm5jyWrfVWzlONvhRmH%2BxFFOIVbD%2FckC3PUocHAHPxIkecO9GhasncVI2W%2B2ZWMRVVKE9XwgQQNalZ2bIjQlY0UW8AdYbtKrpUqPFl1IA%3D%3D--0u32VavbU15E1KiY--DTWmXaB3FhHsIhbqng2Cjg%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block