Hello team of HackerOne!
I am Simone, and today I will report you a criptographic issue on your site!
Issue: Strict Transport Security with too short max age.
Description: Your site use a good "Strict Transport Security" but with short MAX AGE!
Severity: See more information below.
Proof of Concept by ssllabs.com (100% affidability):
"Strict Transport Security (HSTS) Yes max-age=2678400; includeSubdomains TOO SHORT (less than 180 days)"
If you want to see the full scan with your "eyes" check it here: https://www.ssllabs.com/ssltest/analyze.html?d=hackerone.com&s=188.8.131.52
Also..See more information here:
Thanks and best regards, Simone