urlscan.io logo urlscan.io
SecurityTrails logo

login-dev.manutd.com Open in urlscan Pro
18.169.71.30  Public Scan

Go To Rescan Add Verdict Report
URL: https://login-dev.manutd.com/
Submission: On October 22 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 25 HTTP transactions. The main IP is 18.169.71.30, located in United States and belongs to AMAZON-02, US. The main domain is login-dev.manutd.com.
TLS certificate: Issued by Amazon on April 8th 2021. Valid for: a year.
This is the only time login-dev.manutd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    18.169.71.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-71-30.eu-west-2.compute.amazonaws.com
login-dev.manutd.com
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
10    23.193.33.6 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-33-6.deploy.static.akamaitechnologies.com
cdns.eu1.gigya.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    184.30.17.145 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-145.deploy.static.akamaitechnologies.com
assets.manutd.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    52.30.9.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-9-119.eu-west-1.compute.amazonaws.com
accounts.eu1.gigya.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
10 cdns.eu1.gigya.com login-dev.manutd.com
cdns.eu1.gigya.com
4 login-dev.manutd.com login-dev.manutd.com
3 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net cdns.eu1.gigya.com
connect.facebook.net
1 www.facebook.com connect.facebook.net
1 accounts.eu1.gigya.com cdns.eu1.gigya.com
1 www.gstatic.com www.google.com
1 assets.manutd.com login-dev.manutd.com
1 fonts.googleapis.com login-dev.manutd.com
1 www.google.com login-dev.manutd.com
25 10

This site contains links to these domains. Also see Links.

Domain
www.manutd.com
Subject Issuer Validity Valid
login-dev.manutd.com
Amazon		 2021-04-08 -
2022-05-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
cdns.gigya.com
DigiCert SHA2 Secure Server CA		 2021-03-05 -
2022-03-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.manutd.com
DigiCert SHA2 Secure Server CA		 2020-12-14 -
2021-12-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.eu1.gigya.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-02-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://login-dev.manutd.com/
Frame ID: F1135E4208600814FC14E693E471B544
Requests: 16 HTTP requests in this frame

Frame: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n&version=latest&build=12471
Frame ID: 08264A26C0F796C1682F9BE555E017A5
Requests: 3 HTTP requests in this frame

Frame: https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&ssoSegment=&version=latest&build=12471
Frame ID: 4B6FEE8266618DC895A457076F88CFF3
Requests: 2 HTTP requests in this frame

Frame: https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&ssoSegment=&version=latest&build=12471
Frame ID: A5C14B66D057F3EB4808103C933D36D4
Requests: 2 HTTP requests in this frame

Frame: https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&ssoSegment=&version=latest&build=12471
Frame ID: 8EA701253AD0165D56EE1824B17B24E9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home Page - Manchester United Identity

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.gigya\.com/JS/gigya\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

25
Requests

100 %
HTTPS

60 %
IPv6

7
Domains

10
Subdomains

10
IPs

3
Countries

926 kB
Transfer

1769 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
login-dev.manutd.com/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login-dev.manutd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.71.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-71-30.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
da5c2b5e7498a26e684ada889915870cd9d646078f92b1101d0b5ae23092e5b1
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.facebook.net *.facebook.com *.gigya.com fonts.gstatic.com fonts.googleapis.com *.manutd.com www.google.com; img-src 'self' *.manutd.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval' *.gigya.com *.facebook.net fonts.googleapis.com www.google.com www.gstatic.com;
Strict-Transport-Security max-age=31536000; preload
X-Content-Security-Policy default-src 'self' *.facebook.net *.facebook.com *.gigya.com fonts.gstatic.com fonts.googleapis.com *.manutd.com www.google.com; img-src 'self' *.manutd.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval' *.gigya.com *.facebook.net fonts.googleapis.com www.google.com www.gstatic.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
login-dev.manutd.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 22 Oct 2021 10:25:00 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
referrer-policy
same-origin
content-security-policy
default-src 'self' *.facebook.net *.facebook.com *.gigya.com fonts.gstatic.com fonts.googleapis.com *.manutd.com www.google.com; img-src 'self' *.manutd.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval' *.gigya.com *.facebook.net fonts.googleapis.com www.google.com www.gstatic.com;
x-content-security-policy
default-src 'self' *.facebook.net *.facebook.com *.gigya.com fonts.gstatic.com fonts.googleapis.com *.manutd.com www.google.com; img-src 'self' *.manutd.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval' *.gigya.com *.facebook.net fonts.googleapis.com www.google.com www.gstatic.com;
x-application-version
2021.7.27.281
main.css
login-dev.manutd.com/assets/styles/ 		49 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-dev.manutd.com/assets/styles/main.css?v=CV9qG7VY_OhyxN_kVWL3xOzhthz1aAmEIY2cKhD7iqk
Requested by
Host: login-dev.manutd.com
URL: https://login-dev.manutd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.71.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-71-30.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
095f6a1bb558fce872c4dfe45562f7c4ece1b61cf5680984218d9c2a10fb8aa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

:path
/assets/styles/main.css?v=CV9qG7VY_OhyxN_kVWL3xOzhthz1aAmEIY2cKhD7iqk
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
login-dev.manutd.com
referer
https://login-dev.manutd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://login-dev.manutd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 10:25:00 GMT
last-modified
Tue, 27 Jul 2021 10:47:04 GMT
etag
"1d782d4bca0c0d3"
strict-transport-security
max-age=31536000; preload
content-type
text/css
cache-control
public,max-age=2592000
accept-ranges
bytes
content-length
50387
expires
Sun, 21 Nov 2021 10:25:00 GMT
main.bundle.js
login-dev.manutd.com/assets/js/ 		289 KB
290 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-dev.manutd.com/assets/js/main.bundle.js?v=zjVCa3gMQP54Bd7jduJiU4L_t-Azdx8ULW8irQj4uN4
Requested by
Host: login-dev.manutd.com
URL: https://login-dev.manutd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.71.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-71-30.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
ce35426b780c40fe7805dee376e2625382ffb7e033771f142d6f22ad08f8b8de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

:path
/assets/js/main.bundle.js?v=zjVCa3gMQP54Bd7jduJiU4L_t-Azdx8ULW8irQj4uN4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
login-dev.manutd.com
referer
https://login-dev.manutd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://login-dev.manutd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 10:25:00 GMT
last-modified
Tue, 27 Jul 2021 10:47:04 GMT
etag
"1d782d4bca480c2"
strict-transport-security
max-age=31536000; preload
content-type
application/javascript
cache-control
public,max-age=2592000
accept-ranges
bytes
content-length
296130
expires
Sun, 21 Nov 2021 10:25:00 GMT
runtime.bundle.js
login-dev.manutd.com/assets/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-dev.manutd.com/assets/js/runtime.bundle.js?v=op1U_vaTDmIzNBzREbOObcElU67KvokiK4mJKtxmuX8
Requested by
Host: login-dev.manutd.com
URL: https://login-dev.manutd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.71.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-71-30.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
a29d54fef6930e6233341cd111b38e6dc12553aecabe89222b89892adc66b97f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

:path
/assets/js/runtime.bundle.js?v=op1U_vaTDmIzNBzREbOObcElU67KvokiK4mJKtxmuX8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
login-dev.manutd.com
referer
https://login-dev.manutd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://login-dev.manutd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 10:25:00 GMT
last-modified
Tue, 27 Jul 2021 10:47:04 GMT
etag
"1d782d4bca01009"
strict-transport-security
max-age=31536000; preload
content-type
application/javascript
cache-control
public,max-age=2592000
accept-ranges
bytes
content-length
5129
expires
Sun, 21 Nov 2021 10:25:00 GMT
api.js
www.google.com/recaptcha/ 		850 B
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: login-dev.manutd.com
URL: https://login-dev.manutd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7130f5c9ab08bdff86a1da4500008a45639dc9a23a587775941377f90eb1a16d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 10:25:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
555
x-xss-protection
1; mode=block
expires
Fri, 22 Oct 2021 10:25:00 GMT
gigya.js
cdns.eu1.gigya.com/JS/ 		349 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdns.eu1.gigya.com/JS/gigya.js?apikey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n
Requested by
Host: login-dev.manutd.com
URL: https://login-dev.manutd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.33.6 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
891123c1130c90342cb8ec05d87b732c9d677db5bfa8bea0b3028ade89ab1c98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 10:25:01 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
14068fd8b86a414ab2a14c1255360d27
Cache-Control
public, max-age=900, s-maxage=3600
x-server
us1d-nomad-g22
Connection
keep-alive
x-robots-tag
none
Content-Length
117329
Expires
Fri, 22 Oct 2021 10:40:01 GMT
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Source+Sans+Pro:wght@300;400;700;900&display=swap
Requested by
Host: login-dev.manutd.com
URL: https://login-dev.manutd.com/assets/styles/main.css?v=CV9qG7VY_OhyxN_kVWL3xOzhthz1aAmEIY2cKhD7iqk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77d398a7d6a3d750d3d107d7de56517042eb903a4c312a3070c0a0e14cb85dd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Oct 2021 10:25:00 GMT
server
ESF
date
Fri, 22 Oct 2021 10:25:00 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 22 Oct 2021 10:25:00 GMT
Header-Logo1500994616801.png
assets.manutd.com/AssetPicker/images/0/0/3/2/197240/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.manutd.com/AssetPicker/images/0/0/3/2/197240/Header-Logo1500994616801.png
Requested by
Host: login-dev.manutd.com
URL: https://login-dev.manutd.com/assets/styles/main.css?v=CV9qG7VY_OhyxN_kVWL3xOzhthz1aAmEIY2cKhD7iqk
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.30.17.145 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f5b49f42ab7904a6275858575d1dcf8bb784c9608ed0a1cb96f7a83921926d15
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-dev.manutd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
k5L44wjRFXFI4oz1JZ.Jadb7OmBdeJ17
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 25 Jul 2017 14:56:57 GMT
x-amz-request-id
FHGMFB49VSNB0CQM
etag
"4df76e673b6de5778474719dd53d9d70"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7776000
date
Fri, 22 Oct 2021 10:25:00 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
80018
x-amz-id-2
WnSKHkaGYX/S0eyaxw2adjdyXy9UAX+r00AX2ej+z7vvVfZey7sjzdXLKU0+F0GdtYVBU2sFiik=
expires
Thu, 20 Jan 2022 10:25:00 GMT
JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v2/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bebasneue/v2/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Source+Sans+Pro:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dab7290ebc90b7ed3068b2921bf51e026225ad48e7b398b12321d036d340a458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login-dev.manutd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:41:28 GMT
x-content-type-options
nosniff
age
197012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13092
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:05:42 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 03:41:28 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Source+Sans+Pro:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login-dev.manutd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 04:16:28 GMT
x-content-type-options
nosniff
age
22112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 04:16:28 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Source+Sans+Pro:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login-dev.manutd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 11:16:30 GMT
x-content-type-options
nosniff
age
428910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 17 Oct 2022 11:16:30 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/ 		346 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://login-dev.manutd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 09:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138388
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 04:02:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sat, 22 Oct 2022 09:41:33 GMT
sdk.config.get
cdns.eu1.gigya.com/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdns.eu1.gigya.com/sdk.config.get?apiKey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n
Requested by
Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/JS/gigya.js?apikey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.33.6 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ad9a55230bb887f1781ddd0ad24dc375cf5e33b966731cd1f1fe9fe5e861f78a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 10:25:01 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
1a075ae38653431e8fc4ba38d70bd1ac
Cache-Control
public, max-age=86400
x-server
us1d-nomad-g5
Connection
keep-alive
Accept-Ranges
bytes
x-robots-tag
none
Content-Length
948
Api.aspx
cdns.eu1.gigya.com/gs/webSdk/ Frame 0826 		96 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n&version=latest&build=12471
Requested by
Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/JS/gigya.js?apikey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.33.6 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a36cc9fca17fe067e53f1578eb705a536a321b998c933459f04f410d152d57ab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Host
cdns.eu1.gigya.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Content-Length
34787
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa
true, Gator
x-server
us1d-nomad-g14
x-callid
ce4106fc0c974fbfa032671244c1ebf6
Accept-Ranges
bytes
x-robots-tag
none
Cache-Control
public, max-age=86400, s-maxage=3600
Date
Fri, 22 Oct 2021 10:25:02 GMT
Connection
keep-alive
sdk.config.get
cdns.eu1.gigya.com/ Frame 0826 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdns.eu1.gigya.com/sdk.config.get?apiKey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n&pageURL=https%3A%2F%2Flogin-dev.manutd.com%2F
Requested by
Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n&version=latest&build=12471
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.33.6 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b0f35f00872dff7add6552fbe0f9857f27da4076ba3b19f9fb03a5df263fa76e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n&version=latest&build=12471
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 10:25:02 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
479d95b544064ea2abfe99e872113414
Cache-Control
public, max-age=86400
x-server
us1d-nomad-g6
Connection
keep-alive
Accept-Ranges
bytes
x-robots-tag
none
Content-Length
947
accounts.webSdkBootstrap
accounts.eu1.gigya.com/ Frame 0826 		177 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.eu1.gigya.com/accounts.webSdkBootstrap?apiKey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n&pageURL=https%3A%2F%2Flogin-dev.manutd.com%2F&sdk=js_latest&sdkBuild=12471&format=json
Requested by
Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n&version=latest&build=12471
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.30.9.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-9-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9be23e71f142eb7635d1b90d82b46373de523584511ba84a7414b55e577af306

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdns.eu1.gigya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 10:25:02 GMT
content-encoding
gzip
x-soa
true, Gator
x-robots-tag
none
vary
Origin, Accept-Encoding
access-control-allow-methods
GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
access-control-allow-origin
https://cdns.eu1.gigya.com
x-callid
ec57e2ca24bc48ca8deddb8a65fa4405
access-control-max-age
86400
cache-control
private
x-server
eu1a-nomad-g8
access-control-allow-credentials
true
content-type
text/javascript; charset=utf-8
content-length
152
sso.htm
cdns.eu1.gigya.com/gs/ Frame 4B6F 		73 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&ssoSegment=&version=latest&build=12471
Requested by
Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/JS/gigya.js?apikey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.33.6 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
54da89ea390abb13836e070570873293474d92684970642838a9cebccab6b573
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Host
cdns.eu1.gigya.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Cookie
apiDomain_3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14=eu1.gigya.com; gig3pctest=true; gmid=gmid.ver4.AcbHbkaohQ.X_azVKFLZccG3h4VPB-pQK5OS85zEjkNuCZ8gGyzLDJt-SoV5kpECky2V0FMzFaz.wJFvFbuAkxi9yS4U7TxLv6I76AV-0f2Hh46X5osRXxxAGKnnDyQ4niD6nuHF5Ypc8YNmfxilM7QTPn-SMqdXow.sc3; ucid=ds011V8IIELlHJXGCjfrMw; hasGmid=ver4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Content-Length
27109
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa
true, Gator
x-server
us1d-nomad-g21
x-callid
658af2b4489349618dc7077d1197d046
Accept-Ranges
bytes
x-robots-tag
none
Cache-Control
public, max-age=86400, s-maxage=3600
Date
Fri, 22 Oct 2021 10:25:02 GMT
Connection
keep-alive
sso.htm
cdns.eu1.gigya.com/gs/ Frame A5C1 		73 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&ssoSegment=&version=latest&build=12471
Requested by
Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/JS/gigya.js?apikey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.33.6 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
54da89ea390abb13836e070570873293474d92684970642838a9cebccab6b573
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Host
cdns.eu1.gigya.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Cookie
apiDomain_3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14=eu1.gigya.com; gig3pctest=true; gmid=gmid.ver4.AcbHbkaohQ.X_azVKFLZccG3h4VPB-pQK5OS85zEjkNuCZ8gGyzLDJt-SoV5kpECky2V0FMzFaz.wJFvFbuAkxi9yS4U7TxLv6I76AV-0f2Hh46X5osRXxxAGKnnDyQ4niD6nuHF5Ypc8YNmfxilM7QTPn-SMqdXow.sc3; ucid=ds011V8IIELlHJXGCjfrMw; hasGmid=ver4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Content-Length
27109
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa
true, Gator
x-server
us1d-nomad-g21
x-callid
658af2b4489349618dc7077d1197d046
Accept-Ranges
bytes
x-robots-tag
none
Cache-Control
public, max-age=86400, s-maxage=3600
Date
Fri, 22 Oct 2021 10:25:02 GMT
Connection
keep-alive
sdk.config.get
cdns.eu1.gigya.com/ Frame 4B6F 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdns.eu1.gigya.com/sdk.config.get?apiKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&pageURL=https%3A%2F%2Flogin-dev.manutd.com
Requested by
Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&ssoSegment=&version=latest&build=12471
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.33.6 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f91283bb493080cd7689902d9bd6b91c87b4a843eaab069f2d15dd1e3a36523a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&ssoSegment=&version=latest&build=12471
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 10:25:03 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
c2407d67ce624e0bae3f6e7e3c4e4914
Cache-Control
public, max-age=86400
x-server
us1d-nomad-g6
Connection
keep-alive
Accept-Ranges
bytes
x-robots-tag
none
Content-Length
939
sdk.config.get
cdns.eu1.gigya.com/ Frame A5C1 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdns.eu1.gigya.com/sdk.config.get?apiKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&pageURL=https%3A%2F%2Flogin-dev.manutd.com
Requested by
Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&ssoSegment=&version=latest&build=12471
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.33.6 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f91283bb493080cd7689902d9bd6b91c87b4a843eaab069f2d15dd1e3a36523a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&ssoSegment=&version=latest&build=12471
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 10:25:03 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
c2407d67ce624e0bae3f6e7e3c4e4914
Cache-Control
public, max-age=86400
x-server
us1d-nomad-g6
Connection
keep-alive
Accept-Ranges
bytes
x-robots-tag
none
Content-Length
939
sso.htm
cdns.eu1.gigya.com/gs/ Frame 8EA7 		73 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&ssoSegment=&version=latest&build=12471
Requested by
Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/JS/gigya.js?apikey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.33.6 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
54da89ea390abb13836e070570873293474d92684970642838a9cebccab6b573
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Host
cdns.eu1.gigya.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Cookie
apiDomain_3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14=eu1.gigya.com; gmid=gmid.ver4.AcbHbkaohQ.X_azVKFLZccG3h4VPB-pQK5OS85zEjkNuCZ8gGyzLDJt-SoV5kpECky2V0FMzFaz.wJFvFbuAkxi9yS4U7TxLv6I76AV-0f2Hh46X5osRXxxAGKnnDyQ4niD6nuHF5Ypc8YNmfxilM7QTPn-SMqdXow.sc3; ucid=ds011V8IIELlHJXGCjfrMw; hasGmid=ver4; gig_canary_3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14=false; gig_canary_ver_3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14=12494-3-27248310
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Content-Length
27109
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa
true, Gator
x-server
us1d-nomad-g21
x-callid
658af2b4489349618dc7077d1197d046
Accept-Ranges
bytes
x-robots-tag
none
Cache-Control
public, max-age=86400, s-maxage=3600
Date
Fri, 22 Oct 2021 10:25:03 GMT
Connection
keep-alive
sdk.js
connect.facebook.net/en_EN/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_EN/sdk.js
Requested by
Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/JS/gigya.js?apikey=3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fb0e03bd72b7de7fc1eec4ee104974584992a588d75e7c6306eeeb4635acda1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
QafZV5L+9b+IV9CCIAzdng==
cross-origin-resource-policy
cross-origin
expires
Fri, 22 Oct 2021 10:25:48 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1688
x-fb-rlafr
0
x-fb-debug
TbEVQ1jOkKhXvPVA5qb0HCdAMoUvjJ+H9uBf6BrAOdUTcV7o4nxZvWr/wfIVJoTDLL+RcSmpHKNpJbwsD/KrXA==
x-fb-trip-id
2050670934
x-fb-content-md5
f34fa547cbe993770158c4a9e632c2cc
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 22 Oct 2021 10:25:03 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"4c2d52f052a72d547aa17f24bb9d1659"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
sdk.js
connect.facebook.net/en_US/ 		265 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=23f4d4960792f5d584e298f0fe1493d3
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8962c366d696b9921caf419069d7e3681ff7c002ee792753b7983253108e976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
Origin
https://login-dev.manutd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ND2JsAOTvdRYaENdWLyIUA==
cross-origin-resource-policy
cross-origin
expires
Sat, 22 Oct 2022 07:07:46 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76535
x-fb-rlafr
0
x-fb-debug
E/KAsF44YfbRp+q1ivRUqM9PkK9vJah0MoLYMplZMLfaKX6SDDLliGNQZQ0ZsmxufmzO7pQKUHKMni7glaFDPw==
x-fb-trip-id
2050670934
x-fb-content-md5
4bb87dea61a91bcc254e04b11f9469a3
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 22 Oct 2021 10:25:03 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8f5a12d837b5bbe841a78d958c068667"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
sdk.config.get
cdns.eu1.gigya.com/ Frame 8EA7 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdns.eu1.gigya.com/sdk.config.get?apiKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&pageURL=https%3A%2F%2Flogin-dev.manutd.com
Requested by
Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&ssoSegment=&version=latest&build=12471
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.33.6 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f91283bb493080cd7689902d9bd6b91c87b4a843eaab069f2d15dd1e3a36523a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14&ssoSegment=&version=latest&build=12471
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 10:25:03 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
c2407d67ce624e0bae3f6e7e3c4e4914
Cache-Control
public, max-age=86400
x-server
us1d-nomad-g6
Connection
keep-alive
Accept-Ranges
bytes
x-robots-tag
none
Content-Length
939
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=2574500549536780&input_token&origin=1&redirect_uri=https%3A%2F%2Flogin-dev.manutd.com%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=23f4d4960792f5d584e298f0fe1493d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com data:;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
EhiMDD0svWfXp2FjXrAK4fL6WQ6uFmUg0svzVtIFxOWLGyEjYu7VYCO2pM2DgUr0aH1et4JYHd9sMgE5Ar/SJQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Fri, 22 Oct 2021 10:25:03 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://login-dev.manutd.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| webpackChunkMUFC_form_templates boolean| isMobile object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| gigya function| fbAsyncInit object| FB

9 Cookies

Domain/Path Name / Value
.login-dev.manutd.com/ Name: gig_canary
Value: false
.login-dev.manutd.com/ Name: gig_canary_ver
Value: 12494-3-27248310
.cdns.eu1.gigya.com/ Name: apiDomain_3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14
Value: eu1.gigya.com
.gigya.com/ Name: gmid
Value: gmid.ver4.AcbHbkaohQ.X_azVKFLZccG3h4VPB-pQK5OS85zEjkNuCZ8gGyzLDJt-SoV5kpECky2V0FMzFaz.wJFvFbuAkxi9yS4U7TxLv6I76AV-0f2Hh46X5osRXxxAGKnnDyQ4niD6nuHF5Ypc8YNmfxilM7QTPn-SMqdXow.sc3
.gigya.com/ Name: ucid
Value: ds011V8IIELlHJXGCjfrMw
.gigya.com/ Name: hasGmid
Value: ver4
.manutd.com/ Name: gig_bootstrap_3_jiEfpgJUZPGZaIwCQFYuOrp5qvv2amm1rmX2GUK8e50hFYY4NHI05hiabkgCed9n
Value: _gigya_ver4
.cdns.eu1.gigya.com/ Name: gig_canary_3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14
Value: false
.cdns.eu1.gigya.com/ Name: gig_canary_ver_3_uAKR_5vFizO5xLQ4aJy4TA0sp-cjfK5bopd3JkHdhi89A44EskDybJjjZ58MvZ14
Value: 12494-3-27248310

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.facebook.net *.facebook.com *.gigya.com fonts.gstatic.com fonts.googleapis.com *.manutd.com www.google.com; img-src 'self' *.manutd.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval' *.gigya.com *.facebook.net fonts.googleapis.com www.google.com www.gstatic.com;
Strict-Transport-Security max-age=31536000; preload
X-Content-Security-Policy default-src 'self' *.facebook.net *.facebook.com *.gigya.com fonts.gstatic.com fonts.googleapis.com *.manutd.com www.google.com; img-src 'self' *.manutd.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval' *.gigya.com *.facebook.net fonts.googleapis.com www.google.com www.gstatic.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.eu1.gigya.com
assets.manutd.com
cdns.eu1.gigya.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
login-dev.manutd.com
www.facebook.com
www.google.com
www.gstatic.com
18.169.71.30
184.30.17.145
23.193.33.6
2a00:1450:4001:800::2004
2a00:1450:4001:812::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.30.9.119
095f6a1bb558fce872c4dfe45562f7c4ece1b61cf5680984218d9c2a10fb8aa9
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
54da89ea390abb13836e070570873293474d92684970642838a9cebccab6b573
7130f5c9ab08bdff86a1da4500008a45639dc9a23a587775941377f90eb1a16d
77d398a7d6a3d750d3d107d7de56517042eb903a4c312a3070c0a0e14cb85dd6
891123c1130c90342cb8ec05d87b732c9d677db5bfa8bea0b3028ade89ab1c98
9be23e71f142eb7635d1b90d82b46373de523584511ba84a7414b55e577af306
a29d54fef6930e6233341cd111b38e6dc12553aecabe89222b89892adc66b97f
a36cc9fca17fe067e53f1578eb705a536a321b998c933459f04f410d152d57ab
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ad9a55230bb887f1781ddd0ad24dc375cf5e33b966731cd1f1fe9fe5e861f78a
b0f35f00872dff7add6552fbe0f9857f27da4076ba3b19f9fb03a5df263fa76e
c8962c366d696b9921caf419069d7e3681ff7c002ee792753b7983253108e976
ce35426b780c40fe7805dee376e2625382ffb7e033771f142d6f22ad08f8b8de
da5c2b5e7498a26e684ada889915870cd9d646078f92b1101d0b5ae23092e5b1
dab7290ebc90b7ed3068b2921bf51e026225ad48e7b398b12321d036d340a458
dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78
f5b49f42ab7904a6275858575d1dcf8bb784c9608ed0a1cb96f7a83921926d15
f91283bb493080cd7689902d9bd6b91c87b4a843eaab069f2d15dd1e3a36523a
fb0e03bd72b7de7fc1eec4ee104974584992a588d75e7c6306eeeb4635acda1d