HTTP/2 302 date: Thu, 22 Jan 2026 19:01:54 GMT content-type: text/html; charset=utf-8 location: https://hackerone.com/browser-not-supported.html cf-ray: 9c214d733f74f313-BLR x-frame-options: DENY x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin user-authenticated: false cache-control: no-store content-disposition: inline; filename="response." x-request-id: a91854d5-6bde-4fdd-a396-a339996f5d2d set-cookie: __Host-session=UEl4bUU4MjBBU0d3ekQvU2k2VEk2emhBUVVPTEFkZWxESTh2S2drbzd2RWxLVjZnSmdkckp5TXVjWElzcUZlSmMyTnZGUUJPamNkQkpCWms5Q29zcWVDMGQ3aE0vQWVIc0V4NXBXeVh6MitrbWovVC9KZkh6bWZ1S1RhMjR5WnpyeGc3K2ZzaGhtaE9PV3d6Tzhhd1gxRjJMeEpPUHo0Vit6TkxwZGhraXVXN2dGUWFkaEtTUFF0QzRLNzhZblloLS1pWjJ2aHd3VXpESnJCSksyS2pJSFF3PT0%3D--ec5cb9f3a504972512e242028e566bbe8e01c315; path=/; expires=Thu, 05 Feb 2026 19:01:53 GMT; secure; httponly; samesite=none strict-transport-security: max-age=31536000; includeSubDomains; preload cross-origin-opener-policy: same-origin-allow-popups x-download-options: noopen expect-ct: enforce, max-age=86400 content-security-policy: default-src 'none'; base-uri 'self'; child-src 'self' www.youtube-nocookie.com; connect-src 'self' data: errors.hackerone.net *.browser-intake-datadoghq.com browser-intake-datadoghq.com hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src blob: hackerone.integration-configuration.com api-iam.intercom.io/messenger/web/metrics intercom-sheets.com; img-src 'self' data: cover-photos.hackerone-user-content.com hackathon-photos.hackerone-user-content.com profile-photos.hackerone-user-content.com flagcdn.com hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com; media-src 'self' marketing-assets.hackerone-user-content.com hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com; object-src blob: data:; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://errors.hackerone.net/api/30/security/?sentry_key=374aea95847f4040a69f9c8d49a3a59d&sentry_environment=production cf-cache-status: DYNAMIC server: cloudflare HTTP/2 200 date: Thu, 22 Jan 2026 19:01:54 GMT content-type: text/html content-encoding: gzip last-modified: Thu, 22 Jan 2026 14:28:54 GMT strict-transport-security: max-age=31536000; includeSubDomains; preload cross-origin-opener-policy: same-origin-allow-popups x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 1; mode=block x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin expect-ct: enforce, max-age=86400 content-security-policy: default-src 'none'; base-uri 'self'; child-src 'self' www.youtube-nocookie.com; connect-src 'self' data: errors.hackerone.net *.browser-intake-datadoghq.com browser-intake-datadoghq.com hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src blob: hackerone.integration-configuration.com api-iam.intercom.io/messenger/web/metrics intercom-sheets.com; img-src 'self' data: cover-photos.hackerone-user-content.com hackathon-photos.hackerone-user-content.com profile-photos.hackerone-user-content.com flagcdn.com hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com; media-src 'self' marketing-assets.hackerone-user-content.com hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com; object-src blob: data:; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://errors.hackerone.net/api/30/security/?sentry_key=374aea95847f4040a69f9c8d49a3a59d&sentry_environment=production cache-control: public, max-age=2592000 cf-cache-status: DYNAMIC server: cloudflare cf-ray: 9c214d74b899f313-BLR