| CARVIEW |
Select Language
HTTP/2 302
referrer-policy: strict-origin-when-cross-origin
content-type: text/html; charset=utf-8
location: https://bugcrowd.com/engagements/opera
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: e20366b7-0672-4c28-8fc6-2b99f289a358
pragma: no-cache
x-download-options: noopen
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, no-store
x-frame-options: SAMEORIGIN
x-runtime: 0.033156
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; base-uri 'self'; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com wss://*.intercom.io syndication.twitter.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com cloudflare-zero-trust-logs-us-east-1-production.s3.amazonaws.com *.flippercloud.io browser-intake-datadoghq.com login.hackers.bugcrowd.com login.bugcrowd.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com fonts.bunny.net; form-action 'self' identity.bugcrowd.com login.hackers.bugcrowd.com/oauth2/default/v1/authorize login.bugcrowd.com/oauth2/default/v1/authorize; frame-src 'self' *.facebook.com *.twitter.com *.freshworks.com *.freshdesk.com www.youtube.com us-east-1.quicksight.aws.amazon.com; img-src 'self' assets.bugcrowdusercontent.com bugcrowd.com *.bugcrowdusercontent.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com data: *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.freshworks.com *.freshdesk.com *.twitter.com *.wp.com t.co platform.slack-edge.com bugcrowd-static-us-east-1-production.s3.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com profiles.bugcrowdusercontent.com *.bugcrowd.net; media-src 'self' js.intercomcdn.com fonts.bunny.net bugcrowd.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com *.twitter.com api.usemessages.com; style-src 'unsafe-inline' *.freshworks.com *.freshdesk.com assets.bugcrowdusercontent.com fonts.bunny.net; upgrade-insecure-requests; report-uri /csp
accept-ranges: bytes
date: Sat, 04 Oct 2025 08:11:45 GMT
via: 1.1 varnish
x-served-by: cache-bom-vanm7210036-BOM, cache-bom-vanm7210021-BOM
x-cache: MISS, MISS
x-cache-hits: 0, 0
strict-transport-security: max-age=31557600
content-length: 0
HTTP/2 200
referrer-policy: strict-origin-when-cross-origin
content-type: text/html; charset=utf-8
set-cookie: _crowdcontrol_session_key=T2J2cUtJUm1pV2k0RHR5dzNURldDMnJYajRCcUdUSDJrbDhMRlY1VTVpR3FmS2d5QjJZcW1ZcFQxcExLTkMzT3Flbk1ucHRaZWw1VGZ5M3FWc3RiL29KZlNRM01nR2NKTURONCtEalpiTU1NdUQyaWNvWGw5SFM5MC9QMEFOWVRkWkxBbnFDVTFVWHZRWmFyQUw4RHJ3PT0tLXBSYUwyWXBPNUoyNldSQndkTHloU2c9PQ%3D%3D--ded41e7857c0d462f61a2ffcf0ef15bb2bc925a2; path=/; secure; HttpOnly; SameSite=Lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: ac34646d-1648-4365-8745-ae25bcb3d2c6
pragma: no-cache
x-download-options: noopen
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, no-store
x-frame-options: SAMEORIGIN
x-runtime: 0.169584
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; base-uri 'self'; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com wss://*.intercom.io syndication.twitter.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com cloudflare-zero-trust-logs-us-east-1-production.s3.amazonaws.com *.flippercloud.io browser-intake-datadoghq.com login.hackers.bugcrowd.com login.bugcrowd.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com fonts.bunny.net; form-action 'self' identity.bugcrowd.com login.hackers.bugcrowd.com/oauth2/default/v1/authorize login.bugcrowd.com/oauth2/default/v1/authorize; frame-src 'self' *.facebook.com *.twitter.com *.freshworks.com *.freshdesk.com www.youtube.com us-east-1.quicksight.aws.amazon.com; img-src 'self' assets.bugcrowdusercontent.com bugcrowd.com *.bugcrowdusercontent.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com data: *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.freshworks.com *.freshdesk.com *.twitter.com *.wp.com t.co platform.slack-edge.com bugcrowd-static-us-east-1-production.s3.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com profiles.bugcrowdusercontent.com *.bugcrowd.net; media-src 'self' js.intercomcdn.com fonts.bunny.net bugcrowd.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com *.twitter.com api.usemessages.com 'nonce-9rfaz22inbRxS/HuNYcdRDBEVnloQYziC/Sly68vSek=' 'unsafe-inline'; style-src 'unsafe-inline' *.freshworks.com *.freshdesk.com assets.bugcrowdusercontent.com fonts.bunny.net; upgrade-insecure-requests; report-uri /csp
etag: W/"1afb055cbecf5e34ee4ed5282d9a0e72"
accept-ranges: bytes
date: Sat, 04 Oct 2025 08:11:46 GMT
via: 1.1 varnish
x-served-by: cache-bom-vanm7210066-BOM, cache-bom-vanm7210021-BOM
x-cache: MISS, MISS
x-cache-hits: 0, 0
vary: Accept
strict-transport-security: max-age=31557600
content-length: 87308
Bug Bounty: Opera Public Bug Bounty - Bugcrowd
