This is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is.
Post
LaurieWired
lauriewired.bsky.social
did:plc:prywlo5q2i434jue7ywslkep
At the time, the iBit API had no limit for JSON calls.
If you imagine an attacker spamming 20 requests per second, that’s about $2,000 a day at today’s prices!
The bug was reported on HackerOne and fixed, where the researcher was awarded a whopping…$1000 bounty :(
2025-08-02T20:16:51.859Z