When viewing this page source, we got a message:
![](https://niekdang.wordpress.com/wp-content/uploads/2020/09/image-3.png?w=1024)
Then, we will use Burp Suite to catch the packet and change the Header to:
User-Agent: Sup3rS3cr3tAg3nt
And we got another message:
![](https://niekdang.wordpress.com/wp-content/uploads/2020/09/image-4.png?w=519)
Hence, we will add two lines to the Header:
User-Agent: Sup3rS3cr3tAg3nt
Referer: awesomesauce.com
And we found the flag:
![](https://niekdang.wordpress.com/wp-content/uploads/2020/09/image-6.png?w=377)
Flag: flag{did_this_m3ss_with_y0ur_h34d}