Submitted URL: https://trk.cp20.com/click/g2ys-2fsyi9-fhpgwd-dc0xx4l5/
Effective URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Submission: On August 30 via api from IE

Summary

This website contacted 20 IPs in 7 countries across 17 domains to perform 86 HTTP transactions. The main IP is 104.18.11.167, located in and belongs to CLOUDFLARENET, US. The main domain is memberdeals.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2021. Valid for: a year.
This is the only time memberdeals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.24.224.100 17358 (ETOLL1)
45 104.18.11.167 13335 (CLOUDFLAR...)
6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
2 104.18.29.205 13335 (CLOUDFLAR...)
5 199.101.26.126 33411 (BRIGHTPAT...)
1 13.224.93.106 16509 (AMAZON-02)
1 5 34.240.223.28 16509 (AMAZON-02)
2 15.188.95.229 16509 (AMAZON-02)
1 1 99.80.210.73 16509 (AMAZON-02)
1 34.251.77.56 16509 (AMAZON-02)
1 13.224.93.94 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2406:da00:ff0... 14618 (AMAZON-AES)
1 34.195.31.102 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
3 2620:116:800d... 16509 (AMAZON-02)
2 2600:9000:219... 16509 (AMAZON-02)
1 52.72.113.151 14618 (AMAZON-AES)
1 151.101.13.27 54113 (FASTLY)
3 162.247.243.147 23467 (NEWRELIC-...)
86 20
Domain Requested by
45 memberdeals.com memberdeals.com
6 assets.adobedtm.com memberdeals.com
assets.adobedtm.com
5 ebgcc.brightpattern.com memberdeals.com
ebgcc.brightpattern.com
4 dpm.demdex.net 1 redirects memberdeals.com
4 maps.googleapis.com memberdeals.com
3 bam-cell.nr-data.net memberdeals.com
2 pixel.quantserve.com memberdeals.com
2 rules.quantcount.com memberdeals.com
2 www.google-analytics.com memberdeals.com
2 smetrics.memberdeals.com memberdeals.com
2 www.ebgaffiliates.com memberdeals.com
1 js-agent.newrelic.com memberdeals.com
1 events.api.boomtrain.com memberdeals.com
1 secure.quantserve.com memberdeals.com
1 stats.g.doubleclick.net memberdeals.com
1 people.api.boomtrain.com memberdeals.com
1 e-49.adzerk.net memberdeals.com
1 entertainmentbenefitsgroupllc.demdex.net memberdeals.com
1 static.adzerk.net memberdeals.com
1 entertainmentbenefit.tt.omtrdc.net memberdeals.com
1 cm.everesttech.net 1 redirects
1 cdn.boomtrain.com memberdeals.com
1 trk.cp20.com 1 redirects
86 23

This site contains links to these domains. Also see Links.

Domain
corporateshopping.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-06 -
2022-07-05
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-08 -
2021-09-30
9 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-08-16 -
2021-11-08
3 months crt.sh
*.brightpattern.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2020-10-26 -
2021-11-26
a year crt.sh
cdn.boomtrain.com
Amazon
2021-03-16 -
2022-04-14
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2020-12-02 -
2022-01-02
a year crt.sh
smetrics.memberdeals.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-17 -
2021-12-18
a year crt.sh
*.tt.omtrdc.net
DigiCert SHA2 Secure Server CA
2020-11-02 -
2021-11-09
a year crt.sh
*.adzerk.net
Amazon
2021-05-20 -
2022-06-18
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-16 -
2021-11-08
3 months crt.sh
resources.ebgaffiliates.com
Amazon
2021-04-22 -
2022-05-21
a year crt.sh
*.api.boomtrain.com
Amazon
2020-12-16 -
2022-01-14
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-08-16 -
2021-11-08
3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2020-10-02 -
2021-10-07
a year crt.sh
*.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-05-05 -
2022-06-06
a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA
2020-02-05 -
2022-02-08
2 years crt.sh

This page contains 2 frames:

Primary Page: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Frame ID: 4F99995F761FF4D5E7961DB93304CC7C
Requests: 85 HTTP requests in this frame

Frame: https://entertainmentbenefitsgroupllc.demdex.net/dest5.html?d_nsid=0
Frame ID: 1F20278D454575231B5A0E96F0CC938A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Knott's Berry Farm - MemberDeals

Page URL History Show full URLs

  1. https://trk.cp20.com/click/g2ys-2fsyi9-fhpgwd-dc0xx4l5/ HTTP 302
    https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i

Overall confidence: 100%
Detected patterns
  • script /adzerk\.net\/ados\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

86
Requests

100 %
HTTPS

36 %
IPv6

17
Domains

23
Subdomains

20
IPs

7
Countries

1076 kB
Transfer

3101 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trk.cp20.com/click/g2ys-2fsyi9-fhpgwd-dc0xx4l5/ HTTP 302
    https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1630334472323 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1630334472323
Request Chain 48
  • https://cm.everesttech.net/cm/dd?d_uuid=08915448484840243724203026667841622385 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YSzuCQAAAMVyQAQS

86 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request pages.php
memberdeals.com/corporateshopping/
Redirect Chain
  • https://trk.cp20.com/click/g2ys-2fsyi9-fhpgwd-dc0xx4l5/
  • https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
399 KB
46 KB
Document
General
Full URL
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e744fc2b93e59bcbb17bec3fb46185876b3a0490ae24b4dbead87f1094ea5127
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
memberdeals.com
:scheme
https
:path
/corporateshopping/pages.php?sub=knott-berry-farm&login=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:11 GMT
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=5184000; includeSubDomains
x-frame-options
SAMEORIGIN
referrer-policy
unsafe-url
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
set-cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; path=/; secure; HttpOnly adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; expires=Tue, 30-Aug-2022 20:29:57 GMT; Max-Age=31556926; path=/; domain=.memberdeals.com; secure; SameSite=Strict MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; path=/; Httponly; Secure __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; path=/; expires=Mon, 30-Aug-21 15:11:11 GMT; domain=.memberdeals.com; HttpOnly; Secure; SameSite=None
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
686ec74d6855411a-PRG
content-encoding
br

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Server
TRK01
Refresh
0; URL=https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Date
Mon, 30 Aug 2021 14:41:10 GMT
Content-Length
201
li.js
memberdeals.com/common_resources/js/
25 KB
5 KB
Script
General
Full URL
https://memberdeals.com/common_resources/js/li.js?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9228e9660ad4173083cb4d622c22d33c09a1e5a99967a8c5dae1ffcc9259782
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/common_resources/js/li.js?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Fri, 23 Jul 2021 18:54:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6519-5c7ceef16ea00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751ca78411a-PRG
interaction_analytics.js
memberdeals.com/common_resources/js/
5 KB
1 KB
Script
General
Full URL
https://memberdeals.com/common_resources/js/interaction_analytics.js?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce90b8602f4c03d98edd426e4f219012297257690a293fefdc4f7224890701f0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/common_resources/js/interaction_analytics.js?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Thu, 04 Feb 2021 14:41:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1438-5ba83b3f1be80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751ca79411a-PRG
launch-81239ab38161.min.js
assets.adobedtm.com/a281455e4dfe/ff77554c5db6/
454 KB
117 KB
Script
General
Full URL
https://assets.adobedtm.com/a281455e4dfe/ff77554c5db6/launch-81239ab38161.min.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5a436af94f9175cf7c9c7f7d30264770dbb67cb2f6b4a36b4743072113818a31

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:11 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 12:32:29 GMT
server
AkamaiNetStorage
etag
"68ce81e0c1695010f38f0f7667231f89:1625229149.938487"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://memberdeals.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Aug 2021 15:41:11 GMT
reset.css
memberdeals.com/css/
1 KB
641 B
Stylesheet
General
Full URL
https://memberdeals.com/css/reset.css?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d24d4a11bd569cd44e25a8c36341f9669fa448d55bbad6c993ac3362e852711
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/reset.css?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Tue, 05 Sep 2017 19:11:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"443-55875ffa562c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751ca7b411a-PRG
grid.css
memberdeals.com/css/
4 KB
933 B
Stylesheet
General
Full URL
https://memberdeals.com/css/grid.css?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f45c73c0747a0f7b5e5eec6fbc6250a562a0a009b04012eaf80aa52d4e51a55a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/grid.css?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 07 Jul 2021 13:26:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1161-5c6887b6ac500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751ca7c411a-PRG
site.css
memberdeals.com/css/corporateshopping/
45 KB
9 KB
Stylesheet
General
Full URL
https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d33c0a117c7ced57311bb022928565cbc86f95bec538c8dbb58eae320880c8a8
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/corporateshopping/site.css?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Thu, 24 Jun 2021 14:16:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"b2f9-5c583ac69f3d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751ca7e411a-PRG
jquery-ui-1.10.3.custom.min.css
memberdeals.com/css/ui-lightness/
27 KB
6 KB
Stylesheet
General
Full URL
https://memberdeals.com/css/ui-lightness/jquery-ui-1.10.3.custom.min.css?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dcf743efbf47f310fd9243d9aa78f4c3f6ee8ea260ad2f3d17a4fdda2479ab7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/ui-lightness/jquery-ui-1.10.3.custom.min.css?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Tue, 05 Sep 2017 19:11:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6a13-55875fecfc340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751ca82411a-PRG
chosen.min.css
memberdeals.com/css/
11 KB
2 KB
Stylesheet
General
Full URL
https://memberdeals.com/css/chosen.min.css?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40073d8997c3dd31bc10edfd8601660cad988a7601170e17b19f4331eaf5c6e9
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/chosen.min.css?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Tue, 05 Sep 2017 19:11:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2d72-55875ffa562c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751ca83411a-PRG
font-awesome.min.css
memberdeals.com/css/
27 KB
6 KB
Stylesheet
General
Full URL
https://memberdeals.com/css/font-awesome.min.css?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e61fb83f5e809e99b7b99517396b685e8090b5afc7e7c2f5241c01f76f2ddd2
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/font-awesome.min.css?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Tue, 15 May 2018 12:24:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6b56-56c3db01c41c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751ca87411a-PRG
menu_default.css
memberdeals.com/css/corporateshopping/
10 KB
2 KB
Stylesheet
General
Full URL
https://memberdeals.com/css/corporateshopping/menu_default.css?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4897eaf475af9e6e75d9bf8a87a2c7828ada48049941bae97eae46a890da8b97
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/corporateshopping/menu_default.css?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 05 Oct 2020 19:38:23 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2879-5b0f1a01d10eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751ca8a411a-PRG
lightbox_capture_email.css
memberdeals.com/common_resources/tawframework/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://memberdeals.com/common_resources/tawframework/css/lightbox_capture_email.css?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfb7d296be29ea57f0128e153dbd7bedeaff8f7b0f61c80d68730b1ba8e6deb0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/common_resources/tawframework/css/lightbox_capture_email.css?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Thu, 24 Jun 2021 13:58:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"f12-5c5836971b300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751ca8d411a-PRG
product_page.css
memberdeals.com/css/corporateshopping/
10 KB
2 KB
Stylesheet
General
Full URL
https://memberdeals.com/css/corporateshopping/product_page.css?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d606221f7a3f8ed27c71ad699247b2e830374a16c90ac8c813344e163a815f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/corporateshopping/product_page.css?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 05 Oct 2020 19:38:23 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2770-5b0f1a01d5b21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751dabe411a-PRG
jquery.fancybox.css
memberdeals.com/common_resources/css/fancybox2/
5 KB
1 KB
Stylesheet
General
Full URL
https://memberdeals.com/common_resources/css/fancybox2/jquery.fancybox.css?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/common_resources/css/fancybox2/jquery.fancybox.css?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Tue, 05 Sep 2017 19:07:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"131f-55875eff85300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751dac0411a-PRG
jquery-3.5.1.min.js
memberdeals.com/common_resources/js/
87 KB
31 KB
Script
General
Full URL
https://memberdeals.com/common_resources/js/jquery-3.5.1.min.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/common_resources/js/jquery-3.5.1.min.js
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3756
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 31 Aug 2020 15:45:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"15d84-5ae2e4aba3840"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751dac1411a-PRG
jquery-ui-1.12.1.custom.min.js
memberdeals.com/js/
248 KB
68 KB
Script
General
Full URL
https://memberdeals.com/js/jquery-ui-1.12.1.custom.min.js?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69ebbd9d36211cef558cb24f539fb4c6ad866dc603cdc8f588ee3f63dbe3b5d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/jquery-ui-1.12.1.custom.min.js?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 19 Jun 2019 12:33:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3def0-58bac70673100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751dac2411a-PRG
jquery-migrate-3.0.0.min.js
memberdeals.com/js/
7 KB
3 KB
Script
General
Full URL
https://memberdeals.com/js/jquery-migrate-3.0.0.min.js?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a44b5727bd453959ba8f2ae37fd2359272b730ada09e80fb2a5bbffd086ef075
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/jquery-migrate-3.0.0.min.js?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 19 Jun 2019 12:33:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1bac-58bac70673100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751dac3411a-PRG
chosen.jquery.min.js
memberdeals.com/js/
25 KB
7 KB
Script
General
Full URL
https://memberdeals.com/js/chosen.jquery.min.js?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06708edc30f6877320af98a385a4350ad9769c1aca9d44f8a262acf0c6dfefbd
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/chosen.jquery.min.js?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Tue, 05 Sep 2017 19:12:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6459-558760150a1c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751dac4411a-PRG
site.js
memberdeals.com/js/
48 KB
13 KB
Script
General
Full URL
https://memberdeals.com/js/site.js?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbe3ffbf7f7f70e70e77d87137a7c26e95a568aae85e97346f02f2817d4797c0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/site.js?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Tue, 27 Jul 2021 14:39:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"c1c9-5c81bd5313f80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751dac5411a-PRG
menu_default.js
memberdeals.com/js/
24 B
132 B
Script
General
Full URL
https://memberdeals.com/js/menu_default.js?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cd60e08308ac0d8d91d3cc2b6c4162607c6217b9e350e01854fbdbb70164747
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/menu_default.js?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
content-length
24
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 07 Jan 2019 14:44:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"18-57edf427f5080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec751dac6411a-PRG
lightbox_capture_email.js
memberdeals.com/common_resources/tawframework/js/
11 KB
2 KB
Script
General
Full URL
https://memberdeals.com/common_resources/tawframework/js/lightbox_capture_email.js?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2f07d83e08cea13142d0910411328a2ac03404ed50953e9f1ec60cd12b367a0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/common_resources/tawframework/js/lightbox_capture_email.js?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Thu, 24 Jun 2021 13:58:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2a18-5c5836971b300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751dac9411a-PRG
jquery.tinysort.min.js
memberdeals.com/js/
3 KB
2 KB
Script
General
Full URL
https://memberdeals.com/js/jquery.tinysort.min.js?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b5e8859e5145688d42f1789aae0c3b41061cd4bd8b786ea49d8b7f081bc9e0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/jquery.tinysort.min.js?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Tue, 05 Sep 2017 19:12:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"cf8-558760150a1c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751dacb411a-PRG
adzerk.js
memberdeals.com/js/
1018 B
476 B
Script
General
Full URL
https://memberdeals.com/js/adzerk.js?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de879088a02b194eb0da406a872a2d17593dfc999c09f869b1292de7c24de9e6
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/adzerk.js?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Fri, 26 Jan 2018 22:17:23 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3fa-563b542b5e2c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751dacc411a-PRG
product_page.js
memberdeals.com/js/
4 KB
1 KB
Script
General
Full URL
https://memberdeals.com/js/product_page.js?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7c335b54961e4ecb9180b379a168bfe1327d9294f3e1e9731c093bd32558a4
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/product_page.js?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Tue, 02 Feb 2021 15:52:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"ece-5ba5c7557d000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751dacd411a-PRG
jquery.fancybox.js
memberdeals.com/common_resources/js/fancybox2/
50 KB
14 KB
Script
General
Full URL
https://memberdeals.com/common_resources/js/fancybox2/jquery.fancybox.js?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba729661c14d7e8d902bb104a410fdab3fe511fa87084d400d6575bd65cd71c4
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/common_resources/js/fancybox2/jquery.fancybox.js?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Tue, 05 Sep 2017 19:06:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"c625-55875ee7adac0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751dacf411a-PRG
js
maps.googleapis.com/maps/api/
140 KB
46 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?client=gme-entertainmentbenefits&v=3.32&libraries=places&ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
d0a7f2f8f9fd7deaf9316be6ac92379dfdfaea51dd9290a01d246890b8a24ce9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:11 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=23
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46444
x-xss-protection
0
expires
Mon, 30 Aug 2021 15:11:11 GMT
hotel.js
memberdeals.com/js/
35 KB
8 KB
Script
General
Full URL
https://memberdeals.com/js/hotel.js?ebgcbv=82
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e9012c94be17d8875f1e8d027ee9c19b2006928da2ecc9350ca10a5a4648a2f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/hotel.js?ebgcbv=82
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 23 Sep 2020 13:42:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"8c24-5affb42fbbec0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec751dad2411a-PRG
api.js
memberdeals.com/cdn-cgi/bm/cv/669835187/
35 KB
9 KB
Script
General
Full URL
https://memberdeals.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/cdn-cgi/bm/cv/669835187/api.js
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
686ec758797f411a-PRG
vary
Accept-Encoding
loading2.gif
memberdeals.com/img/
2 KB
2 KB
Image
General
Full URL
https://memberdeals.com/img/loading2.gif
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448e99a570408c6cf2eda6133ec9ea7b86b8494120fc2ab35f7fbab75fefa5e8
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/img/loading2.gif
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
41398
vary
Accept-Encoding
content-length
1924
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 04 Jun 2014 14:40:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"784-4fb039b128b00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/gif
cache-control
max-age=2592000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758a9d6411a-PRG
expires
Wed, 29 Sep 2021 03:11:15 GMT
hotel_search_logo.jpg
memberdeals.com/img/
32 KB
32 KB
Image
General
Full URL
https://memberdeals.com/img/hotel_search_logo.jpg
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7950f2a63949c53127bc6213076a4ec229538b493ed10b5cef141f0f46dbd18
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/img/hotel_search_logo.jpg
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
100646
vary
Accept-Encoding
content-length
32265
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 04 Jun 2014 14:40:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"7e09-4fb039b128b00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
expires
Tue, 28 Sep 2021 10:43:47 GMT
cache-control
max-age=2592000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758a9d7411a-PRG
cf-bgj
h2pri
ani_orange_bar.gif
memberdeals.com/img/
3 KB
3 KB
Image
General
Full URL
https://memberdeals.com/img/ani_orange_bar.gif
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fde540937bb39aa7dea3c68014204f32c0254e3f80b488bd5c0f48c413807a90
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/img/ani_orange_bar.gif
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
41393
vary
Accept-Encoding
content-length
3183
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 04 Jun 2014 14:40:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"c6f-4fb039b0348c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/gif
cache-control
max-age=2592000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758a9d9411a-PRG
expires
Wed, 29 Sep 2021 03:11:20 GMT
hotel-searching-badge.gif
memberdeals.com/img/
16 KB
16 KB
Image
General
Full URL
https://memberdeals.com/img/hotel-searching-badge.gif
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea3a717a46d3047e0f57e4eec51e4c1b9317d916d2c6a810d6bdbb6ce05d11d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/img/hotel-searching-badge.gif
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
vary
Accept-Encoding
content-length
16545
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 04 Aug 2014 20:34:23 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"40a1-4ffd3aa0cf1c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/gif
cache-control
max-age=2592000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758b9db411a-PRG
expires
Wed, 29 Sep 2021 14:41:13 GMT
affiliate_logo.jpg
memberdeals.com/site_img/corporateshopping/
17 KB
17 KB
Image
General
Full URL
https://memberdeals.com/site_img/corporateshopping/affiliate_logo.jpg
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb66a8cf6e9afd0f8dc07d5fc6595520d66ea06aa5156182ab09f4190e5ebd6
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/site_img/corporateshopping/affiliate_logo.jpg
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
100642
vary
Accept-Encoding
content-length
17105
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 07 May 2018 17:12:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"42d1-56ba0c4de59d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
expires
Tue, 28 Sep 2021 10:43:51 GMT
cache-control
max-age=2592000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758b9dc411a-PRG
cf-bgj
h2pri
logo.png
memberdeals.com/img/
8 KB
9 KB
Image
General
Full URL
https://memberdeals.com/img/logo.png
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1f11f59bbae8a7f7cccb00d4c5b44573d63897113a6af1674a3c27e8d9693f5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/img/logo.png
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
vary
Accept-Encoding
content-length
8643
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 04 Jun 2014 14:40:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"21c3-4fb039b128b00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/png
cache-control
max-age=2592000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758b9e2411a-PRG
expires
Wed, 29 Sep 2021 14:41:13 GMT
best_rate_guarantee_for_dark.png
memberdeals.com/img/
16 KB
16 KB
Image
General
Full URL
https://memberdeals.com/img/best_rate_guarantee_for_dark.png
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c81f4dfe91ce41444220ac866f74c8aeed63b3341fef207bc5a36641b765f75
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/img/best_rate_guarantee_for_dark.png
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3742
vary
Accept-Encoding
content-length
16298
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 04 Jun 2014 14:40:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"3faa-4fb039b0348c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/png
cache-control
max-age=2592000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758b9e3411a-PRG
expires
Wed, 29 Sep 2021 13:38:51 GMT
product_list_view.png
memberdeals.com/img/
4 KB
4 KB
Image
General
Full URL
https://memberdeals.com/img/product_list_view.png
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcf4002eb375c47c590ca035ca0d69d745c11a3dfa19f0b2e2393013737c88da
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/img/product_list_view.png
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3742
vary
Accept-Encoding
content-length
3605
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 04 Jun 2014 14:40:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"e15-4fb039b128b00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/png
cache-control
max-age=2592000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758b9e5411a-PRG
expires
Wed, 29 Sep 2021 13:38:51 GMT
product_grid_view.png
memberdeals.com/img/
4 KB
4 KB
Image
General
Full URL
https://memberdeals.com/img/product_grid_view.png
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48669852d6632e41ca830bccd57f27113474d8a71a7c7decff190e40bf7010ad
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/img/product_grid_view.png
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
vary
Accept-Encoding
content-length
3612
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 04 Jun 2014 14:40:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"e1c-4fb039b128b00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/png
cache-control
max-age=2592000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758c9f6411a-PRG
expires
Wed, 29 Sep 2021 14:41:13 GMT
logo-191-0.jpg
www.ebgaffiliates.com/resources/site_resources/images/tickets/
31 KB
31 KB
Image
General
Full URL
https://www.ebgaffiliates.com/resources/site_resources/images/tickets/logo-191-0.jpg
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c462532bb0540823bf082bd60733e1d88265d9f532e310da3a70fac9ff413df9
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
vary
Accept-Encoding
content-length
31429
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 06 Jan 2020 14:32:21 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
"7ac5-59b7986fd10da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
expires
Wed, 29 Sep 2021 14:39:24 GMT
cache-control
max-age=2592000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec7591c96f9de-PRG
cf-bgj
h2pri
logo-2354-0.jpg
www.ebgaffiliates.com/resources/site_resources/images/tickets/
6 KB
7 KB
Image
General
Full URL
https://www.ebgaffiliates.com/resources/site_resources/images/tickets/logo-2354-0.jpg
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df90a544d10f519dbebaf47025a33e4814bd6efc358fb5a999079e7a5fd57259
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
vary
Accept-Encoding
content-length
6042
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Thu, 12 Aug 2021 18:42:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
"179a-5c96119f2fdff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
expires
Wed, 29 Sep 2021 14:38:13 GMT
cache-control
max-age=2592000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec7591c98f9de-PRG
cf-bgj
h2pri
affiliate_footer_logo.jpg
memberdeals.com/site_img/corporateshopping/
4 KB
4 KB
Image
General
Full URL
https://memberdeals.com/site_img/corporateshopping/affiliate_footer_logo.jpg
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad0f0c43275b9b3e8168a658af0c85875bb62dd70a24d90907cff2e4a8fddbd0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/site_img/corporateshopping/affiliate_footer_logo.jpg
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
100642
vary
Accept-Encoding
content-length
4140
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 07 May 2018 17:12:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"102c-56ba0c4de6589"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
expires
Tue, 28 Sep 2021 10:43:51 GMT
cache-control
max-age=2592000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758c9f8411a-PRG
cf-bgj
h2pri
form.css
ebgcc.brightpattern.com/clientweb/chat-client-v4/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://ebgcc.brightpattern.com/clientweb/chat-client-v4/css/form.css
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
4471d3760ad27b466ca99f4e9ac126ee8d9eb24d7d9989561b12e40ca118dcf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 14:41:12 GMT
Last-Modified
Wed, 28 Jul 2021 19:02:20 GMT
Server
nginx/1.21.1
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2620
init.js
ebgcc.brightpattern.com/clientweb/chat-client-v4/js/
6 KB
7 KB
Script
General
Full URL
https://ebgcc.brightpattern.com/clientweb/chat-client-v4/js/init.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
ed953262370c9dd1f14474cc6d4c24d6f7ef4a2327f419acb656a02ee26b1ea6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 14:41:13 GMT
Last-Modified
Wed, 28 Jul 2021 19:02:20 GMT
Server
nginx/1.21.1
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6602
p13n.min.js
cdn.boomtrain.com/p13n/ebg-md/
73 KB
24 KB
Script
General
Full URL
https://cdn.boomtrain.com/p13n/ebg-md/p13n.min.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.93.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-93-106.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
920e97989c141b12af50d25f38ea63ecbc9ca689c8695c005e5fcca8a8d54e31

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
vDfTz8a9rchsV0mmqovbS0N8pUSnnmR0
Content-Encoding
gzip
ETag
W/"74c9105a7e70bd3880d67b7ab4fc1681"
Age
2885
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sat, 28 Aug 2021 01:18:28 GMT
Server
AmazonS3
Date
Mon, 30 Aug 2021 14:41:12 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
Cache-Control
public, max-age=3600
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
7ppdUSU5nFb0CcS-0WrYyZYl_Xkf7kbOefK0u3uBN7KjEeID7dXKWw==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1630334472323
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1630334472323
388 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1630334472323
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a8596247e6f945dea1725bc260752fb8284052797e1b723253258e09f26fb776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v015-02e259e58.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
Bb/mjdLoTOY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://memberdeals.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
324
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v015-0c67acd41.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://memberdeals.com
X-TID
JmlSzaF9T0o=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1630334472323
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/ff77554c5db6/launch-81239ab38161.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://memberdeals.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Mon, 30 Aug 2021 15:41:13 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/ff77554c5db6/launch-81239ab38161.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://memberdeals.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Mon, 30 Aug 2021 15:41:13 GMT
bootstrap4.min.css
memberdeals.com/css/bootstrap/
153 KB
22 KB
Stylesheet
General
Full URL
https://memberdeals.com/css/bootstrap/bootstrap4.min.css
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7708e78140263c392624a73649d0ec75e3712e4c5cc6873f720c64095744dac7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/bootstrap/bootstrap4.min.css
pragma
no-cache
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333; at_check=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
memberdeals.com
referer
https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3749
strict-transport-security
max-age=5184000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Thu, 24 Jun 2021 13:58:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"262f3-5c5836971b300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec7549926411a-PRG
li.php
memberdeals.com/common_resources/
2 B
276 B
XHR
General
Full URL
https://memberdeals.com/common_resources/li.php
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://memberdeals.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333; at_check=true
content-length
345
:path
/common_resources/li.php
pragma
no-cache
x-newrelic-id
XA4PUldACQIAXFdUAA==
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
X-NewRelic-ID
XA4PUldACQIAXFdUAA==
X-Requested-With
XMLHttpRequest
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
strict-transport-security
max-age=5184000; includeSubDomains
content-length
2
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
content-type
application/json
cache-control
no-store, no-cache, must-revalidate
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
set-cookie
gdpr_pp=1; expires=Wed, 29-Sep-2021 14:41:12 GMT; Max-Age=2592000; path=/
cf-ray
686ec7555add411a-PRG
expires
Thu, 19 Nov 1981 08:52:00 GMT
id
smetrics.memberdeals.com/
48 B
511 B
XHR
General
Full URL
https://smetrics.memberdeals.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&mid=08882566436822531954204384694672189646&ts=1630334472647
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
9de3a50b788d4d10f21f2f5acadd41679b0d1d5fd2abd08f19e468ffb8b41050
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 30 Aug 2021 14:41:12 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-f47784dbf-dtgln
vary
Origin
x-c
main-1506.I6462f6.M0-512
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://memberdeals.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YSzuCQAAAMVyQAQS
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=08915448484840243724203026667841622385
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YSzuCQAAAMVyQAQS
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YSzuCQAAAMVyQAQS
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v015-03ded5fd4.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
+3/yveD8QKQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YSzuCQAAAMVyQAQS
Date
Mon, 30 Aug 2021 14:41:13 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
entertainmentbenefit.tt.omtrdc.net/rest/v1/
279 B
505 B
XHR
General
Full URL
https://entertainmentbenefit.tt.omtrdc.net/rest/v1/delivery?client=entertainmentbenefit&sessionId=29367819c7104658a1c37cfb25aff505&version=2.5.0
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.77.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-77-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
752368d8f99174f2fc5fa93fe6df67c648f071976ec89d1de698360c31c4c892

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://memberdeals.com
date
Mon, 30 Aug 2021 14:41:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id
fb211926264659d1e6646903625b648b
content-type
application/json;charset=UTF-8
id
dpm.demdex.net/
388 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&d_mid=08882566436822531954204384694672189646&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&ts=1630334472762
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
72bcf3587f38b15e822efa3819b0ab8a6c7a122df5de84d8a3a1107c90ed3b23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v015-0d2feb3d1.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
QHG80NmARw0=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://memberdeals.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
323
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ados.js
static.adzerk.net/
37 KB
9 KB
Script
General
Full URL
https://static.adzerk.net/ados.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.93.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-93-94.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f23081bfd910188aac6eb78f27b1113a8974c00658e3d9c14451927e2da64a6e

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
280p16EFZGEQ0G32cX3X1Yy_T8kEs8mg
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 18:19:13 GMT
server
AmazonS3
age
249521
etag
"feda8cf2a82c9f486efe782c910078b9"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
cache-control
public, max-age=604800
date
Fri, 27 Aug 2021 17:22:33 GMT
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
8888
x-amz-cf-id
WZxRzPtnRL6BGpWcMmquDttcrH3VUyCsZRJnkjaSmsqn5Jd4hcSl9g==
li.php
memberdeals.com/common_resources/
2 B
220 B
XHR
General
Full URL
https://memberdeals.com/common_resources/li.php
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://memberdeals.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
content-length
345
:path
/common_resources/li.php
pragma
no-cache
x-newrelic-id
XA4PUldACQIAXFdUAA==
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
X-NewRelic-ID
XA4PUldACQIAXFdUAA==
X-Requested-With
XMLHttpRequest
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
strict-transport-security
max-age=5184000; includeSubDomains
content-length
2
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
unsafe-url
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
content-type
application/json
cache-control
no-store, no-cache, must-revalidate
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
cf-ray
686ec758a9c8411a-PRG
expires
Thu, 19 Nov 1981 08:52:00 GMT
lato-regular-webfont.woff
memberdeals.com/css/fonts/
31 KB
31 KB
Font
General
Full URL
https://memberdeals.com/css/fonts/lato-regular-webfont.woff
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e4ccc4357349a0512f55e32e48ea74fee0a72e270a6ca5e22b9231ebc41f75
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://memberdeals.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
:path
/css/fonts/lato-regular-webfont.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
memberdeals.com
referer
https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://memberdeals.com
Referer
https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3723
vary
Accept-Encoding
content-length
31808
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 04 Jun 2014 14:40:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"7c40-4fb039b0348c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
font/opentype
cache-control
max-age=7776000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758c9f9411a-PRG
expires
Sun, 28 Nov 2021 13:39:10 GMT
oswald-regular-webfont.woff
memberdeals.com/css/fonts/
25 KB
26 KB
Font
General
Full URL
https://memberdeals.com/css/fonts/oswald-regular-webfont.woff
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73eea67db0264d50ca341a7efe055e80f6ff79f6581de3e2843a6f59d879e39f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://memberdeals.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
:path
/css/fonts/oswald-regular-webfont.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
memberdeals.com
referer
https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://memberdeals.com
Referer
https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3723
vary
Accept-Encoding
content-length
26080
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 04 Jun 2014 14:40:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"65e0-4fb039b0348c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
font/opentype
cache-control
max-age=7776000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758ca02411a-PRG
expires
Sun, 28 Nov 2021 13:39:10 GMT
fontawesome-webfont.woff2
memberdeals.com/css/fonts/
65 KB
66 KB
Font
General
Full URL
https://memberdeals.com/css/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/css/font-awesome.min.css?ebgcbv=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670f9f133ae7b82f0b92b0b016879f59d2ebd885294c0d69f732860a9ecf609a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://memberdeals.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
:path
/css/fonts/fontawesome-webfont.woff2?v=4.5.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
memberdeals.com
referer
https://memberdeals.com/css/font-awesome.min.css?ebgcbv=82
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://memberdeals.com
Referer
https://memberdeals.com/css/font-awesome.min.css?ebgcbv=82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3723
strict-transport-security
max-age=5184000; includeSubDomains
content-length
66624
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Tue, 15 May 2018 12:24:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"10440-56c3db01c41c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758ca04411a-PRG
lato-black-webfont.woff
memberdeals.com/css/fonts/
31 KB
31 KB
Font
General
Full URL
https://memberdeals.com/css/fonts/lato-black-webfont.woff
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd675b3c3919a2d6bdc0e317c3427ad7672f88447240ceb041988f1a330f905e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://memberdeals.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
:path
/css/fonts/lato-black-webfont.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
memberdeals.com
referer
https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://memberdeals.com
Referer
https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3723
vary
Accept-Encoding
content-length
31244
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 04 Jun 2014 14:40:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"7a0c-4fb039af40680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
font/opentype
cache-control
max-age=7776000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec758ca05411a-PRG
expires
Sun, 28 Nov 2021 13:39:10 GMT
dest5.html
entertainmentbenefitsgroupllc.demdex.net/ Frame 1F20
7 KB
3 KB
Document
General
Full URL
https://entertainmentbenefitsgroupllc.demdex.net/dest5.html?d_nsid=0
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
entertainmentbenefitsgroupllc.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=08915448484840243724203026667841622385
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Mon, 30 Aug 2021 14:41:13 GMT
DCS
dcs-prod-irl1-1-v015-0a0316a2f.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 26 Aug 2021 10:23:07 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
X3ECnItjScQ=
Content-Length
2791
Connection
keep-alive
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6553
date
Mon, 30 Aug 2021 12:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 30 Aug 2021 14:52:00 GMT
lato-bold-webfont.woff
memberdeals.com/css/fonts/
32 KB
32 KB
Font
General
Full URL
https://memberdeals.com/css/fonts/lato-bold-webfont.woff
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eec22fcd09b2b38293ffa6f773ffbe507618a06c2f422c077ae565b15f9e6a5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://memberdeals.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273
:path
/css/fonts/lato-bold-webfont.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
memberdeals.com
referer
https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://memberdeals.com
Referer
https://memberdeals.com/css/corporateshopping/site.css?ebgcbv=82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3723
vary
Accept-Encoding
content-length
32392
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 04 Jun 2014 14:40:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"7e88-4fb039af40680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
content-type
font/opentype
cache-control
max-age=7776000, public
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
accept-ranges
bytes
cf-ray
686ec7591a8b411a-PRG
expires
Sun, 28 Nov 2021 13:39:10 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1894757300&t=pageview&_s=1&dl=https%3A%2F%2Fmemberdeals.com%2Fcorporateshopping%2Fpages.php%3Fsub%3Dknott-berry-farm%26login%3D1&ul=en-us&de=UTF-8&dt=Knott%27s%20Berry%20Farm%20-%20MemberDeals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=108208244&gjid=1470302530&cid=1711878159.1630334473&tid=UA-50443255-1&_gid=1280183483.1630334473&_r=1&_slc=1&z=100378234
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://memberdeals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
RCae0525e23b9d4472a27598d7c7cde73b-source.min.js
assets.adobedtm.com/a281455e4dfe/ff77554c5db6/3224e177b682/
7 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/a281455e4dfe/ff77554c5db6/3224e177b682/RCae0525e23b9d4472a27598d7c7cde73b-source.min.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
304b2f0dfab1cc3199c2ed488f64837bdd026a879223e853250b56c906b44800

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 12:32:33 GMT
server
AkamaiNetStorage
etag
"13c15af0b54a934bb0e93f7e11ed2de7:1625229153.874106"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://memberdeals.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
2022
expires
Mon, 30 Aug 2021 15:41:13 GMT
RCc1f70caa6fa64436b1027bba279675bf-source.min.js
assets.adobedtm.com/a281455e4dfe/ff77554c5db6/3224e177b682/
1 KB
876 B
Script
General
Full URL
https://assets.adobedtm.com/a281455e4dfe/ff77554c5db6/3224e177b682/RCc1f70caa6fa64436b1027bba279675bf-source.min.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4ee687048ae2ee0d9219ee921687dc0c9d5d0c10aaa07f84ff58db035ea95cd3

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 12:32:33 GMT
server
AkamaiNetStorage
etag
"13c15af0b54a934bb0e93f7e11ed2de7:1625229153.874106"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://memberdeals.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
612
expires
Mon, 30 Aug 2021 15:41:13 GMT
page-lib.min.js
ebgcc.brightpattern.com/clientweb/chat-client-v4/build/
16 KB
8 KB
Script
General
Full URL
https://ebgcc.brightpattern.com/clientweb/chat-client-v4/build/page-lib.min.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
a573a5c7e757fc9ff9bb66611d63178290d28423fa744badb37f71459e8910bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 14:41:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jul 2021 19:02:20 GMT
Server
nginx/1.21.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
ados
e-49.adzerk.net/
6 KB
2 KB
Script
General
Full URL
https://e-49.adzerk.net/ados?t=1630334473312&request=%7B%22Placements%22:%5B%7B%22A%22:49,%22S%22:66506,%22D%22:%22azk78006%22,%22AT%22:1997%7D,%7B%22A%22:49,%22S%22:66506,%22D%22:%22azk27775%22,%22AT%22:1996%7D,%7B%22A%22:49,%22S%22:66506,%22D%22:%22azk41593%22,%22AT%22:1996%7D,%7B%22A%22:49,%22S%22:66506,%22D%22:%22azk7886%22,%22AT%22:1996%7D%5D,%22Keywords%22:%22undefined%22,%22Referrer%22:%22%22,%22IsAsync%22:true%7D
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da00:ff00::1717:78cc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 / adzerk bifrost/
Resource Hash
83a30bfc8366c589a1ebcf1758da618316c75378ba032df4b34078179ff204df

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 14:41:13 GMT
Content-Encoding
gzip
x-powered-by
adzerk bifrost/
Connection
keep-alive
Content-Length
1800
x-served-by
engine-production-i-0a80a858cd859d5d8
Pragma
no-cache
Server
nginx/1.18.0
ETag
W/"1673-BpJh9IBuRMgPzjvPSXFTicIbKSs"
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
undefined
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
Expires
0
resolve
people.api.boomtrain.com/identify/
118 B
433 B
XHR
General
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6e319&site_id=ebg-md
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.31.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-31-102.compute-1.amazonaws.com
Software
nginx /
Resource Hash
31d719da1f3f90b7aaefde03914d0ef904fc4702e2b3a1c39dbe32286fb292ef

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 14:41:13 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
118
collect
stats.g.doubleclick.net/j/
1 B
85 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-50443255-1&cid=1711878159.1630334473&jid=108208244&gjid=1470302530&_gid=1280183483.1630334473&_u=IEBAAAAAAAAAAC~&z=509357983
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 30 Aug 2021 14:41:13 GMT
content-type
text/plain
access-control-allow-origin
https://memberdeals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
RC237fdbff8b20491f8c539f7f07e130d2-source.min.js
assets.adobedtm.com/a281455e4dfe/ff77554c5db6/3224e177b682/
496 B
563 B
Script
General
Full URL
https://assets.adobedtm.com/a281455e4dfe/ff77554c5db6/3224e177b682/RC237fdbff8b20491f8c539f7f07e130d2-source.min.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ea2df61f66be4b0ea69002ddbcfca25c045854e5a6e05c163cff8b5191fa349b

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 12:32:33 GMT
server
AkamaiNetStorage
etag
"13c15af0b54a934bb0e93f7e11ed2de7:1625229153.874106"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://memberdeals.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
298
expires
Mon, 30 Aug 2021 15:41:13 GMT
quant.js
secure.quantserve.com/
24 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
content-encoding
gzip
etag
"lp772EpWKwf8Kq7YKMhbuw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 06 Sep 2021 14:41:13 GMT
s62927271981687
smetrics.memberdeals.com/b/ss/entbenmember/1/JS-2.22.0-LBSQ/
43 B
354 B
Image
General
Full URL
https://smetrics.memberdeals.com/b/ss/entbenmember/1/JS-2.22.0-LBSQ/s62927271981687?AQB=1&ndh=1&pf=1&t=30%2F7%2F2021%2016%3A41%3A13%201%20-120&sdid=33272F40A8B1A21A-11AAE1B307E7D9E8&mid=08882566436822531954204384694672189646&aamlh=6&ce=UTF-8&ns=entertainmentbenefits&pageName=category%3A%20knotts%20berry%20farm&g=https%3A%2F%2Fmemberdeals.com%2Fcorporateshopping%2Fpages.php%3Fsub%3Dknott-berry-farm%26login%3D1&cc=USD&ch=category&events=event10&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=category&h1=MemberDeals%3AKnott%27s%20Berry%20Farm&c4=knott-berry-farm&v4=D%3Dc4&c6=desktop&c7=https%3A%2F%2Fmemberdeals.com%2Fcorporateshopping%2Fpages.php%3Fsub%3Dknott-berry-farm%26login%3D1&c9=anonymous&v9=Monday%20-%2010%3A30AM&c10=product_page&c11=not%20logged%20in&c12=Knott%27s%20Berry%20Farm&c13=2758%7CCorporateShopping_MemberDeals&v13=2758&c14=D%3Dc43&v37=D%3Dc11&c46=August%7C30%7C2021%7CMonday%7C10%7C41%7CAM%7CWeekday%7CMorning&c47=category%3A%20knotts%20berry%20farm&c66=%2Fcorporateshopping%2Fpages.php%3Fsub%3Dknott-berry-farm%26login%3D1&c67=%2Fcorporateshopping%2Fpages.php&c68=%3Fsub%3Dknott-berry-farm%26login%3D1&c73=odkumjm4lje4ni4yndu%3D&c74=md%7Caffiliates%7Ccorporateshopping%7Cpages%7Csub%3Dknott-berry-farm&v85=D%3Dc7&v88=D%3Dc73&v96=D%3Dc47&v97=D%3Dc13&v98=D%3Dc46&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&AQE=1
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
x-c
main-1506.I6462f6.M0-512
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 31 Aug 2021 14:41:13 GMT
server
jag
xserver
anedge-f47784dbf-5pj7l
etag
3501116622356840448-4619442589843243034
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 29 Aug 2021 14:41:13 GMT
result
memberdeals.com/cdn-cgi/bm/cv/
0
317 B
XHR
General
Full URL
https://memberdeals.com/cdn-cgi/bm/cv/result?req_id=686ec74d6855411a
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
origin
https://memberdeals.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
PHPSESSID=3c45hr4t4thsvctmmpcopqbbj6; adzerk_keywords=%5B%22%22%2C%22knotts%20berry%20farm%22%5D; MEMBERDEALS=!DnHkpQnEfH0pZinTyRfNZ4y0D2cw9mkmeX7kK0wj9dQtxRYYE/rMCOQvA/5EyOBclULiRmwLDsqSc6Y=; __cf_bm=6e20b5fcef0ab572c05451aa6a451a1fad661a37-1630334471-1800-AXsbrbBhjMOyvzDbVvVIVvwXDvC6GMbIFWtZkPMGut6x+vqCZ4eRNN1fuIlaFXj0+dLppm78x+/NAGt4XI6zCCg=; at_check=true; AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg=1; s_ecid=MCMID%7C08882566436822531954204384694672189646; gdpr_pp=1; mbox=session#29367819c7104658a1c37cfb25aff505#1630336333|PC#29367819c7104658a1c37cfb25aff505.37_0#1693579273; _ga=GA1.2.1711878159.1630334473; _gid=GA1.2.1280183483.1630334473; _gat=1; btIdentify=4bf475c2-b5b7-42d2-c91a-7625e468a706; _bti=%7B%22bsin%22%3A%22%22%7D; _bts=2ac5eadc-5c36-40d3-8b55-4f1d36feb33c; AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg=-1124106680%7CMCIDTS%7C18870%7CMCMID%7C08882566436822531954204384694672189646%7CMCAAMLH-1630939272%7C6%7CMCAAMB-1630939272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1630341672s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18877%7CvVersion%7C5.2.0; prev_url=https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1; s_v37=not%20logged%20in; gpv_v5=category%3A%20knotts%20berry%20farm; s_ptc=%5B%5BB%5D%5D; s_cc=true
content-length
488
:path
/cdn-cgi/bm/cv/result?req_id=686ec74d6855411a
pragma
no-cache
x-newrelic-id
XA4PUldACQIAXFdUAA==
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
memberdeals.com
referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
:scheme
https
sec-fetch-site
same-origin
:method
POST
X-NewRelic-ID
XA4PUldACQIAXFdUAA==
Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 30 Aug 2021 14:41:13 GMT
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
set-cookie
__cf_bm=bb9fdf9b3a09d705fd2f8ff567dac0c69371483d-1630334473-1800-Acrt6FpC7TZPatiM9LrLI4/vzlcD1dt9ePhd+1d8Rilbm9cjqds1D5i0UR3/S+psYlb1bBo/PL+8ym+LmINf2DYjE6CP9Thsnl8f79dUN01BcgTom8Jpmrp2pimA0M6ayeOEL5aXJdRNN+LT2azW9mUOlj4x4yb56rO6oTvHvEWvbIWhZzJk1Tpgl8y9ASjCow==; path=/; expires=Mon, 30-Aug-21 15:11:13 GMT; domain=.memberdeals.com; HttpOnly; Secure; SameSite=None
cf-ray
686ec75b8896411a-PRG
vary
Accept-Encoding
rules-p-qeQMJsFNW6YvZ.js
rules.quantcount.com/
2 B
353 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-qeQMJsFNW6YvZ.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:7c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:38:40 GMT
via
1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
server
AmazonS3
age
153
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
ZRH50-C1
content-length
2
x-amz-cf-id
8Fibu8ppoTyRdMzQH70Cbnzqhe1E0xGGSwxa39y0sjPa3gKGLS2qhw==
rules-p-zhY3S1asLzBpZ.js
rules.quantcount.com/
2 B
354 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-zhY3S1asLzBpZ.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:7c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:33:29 GMT
via
1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
server
AmazonS3
age
463
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
ZRH50-C1
content-length
2
x-amz-cf-id
iU_XouD_gobAOXjxsDMX1h4zC0qOsE5nDMxd-czYAT8J77OHvuqp_A==
chat-widget.min.js
ebgcc.brightpattern.com/clientweb/chat-client-v4/build/
212 KB
63 KB
Script
General
Full URL
https://ebgcc.brightpattern.com/clientweb/chat-client-v4/build/chat-widget.min.js?cache-control=1337
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
766ad6532190efa0b3aed028c65b2b8f1bb95267d4826d79987a065e8dd49e59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 14:41:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jul 2021 19:02:20 GMT
Server
nginx/1.21.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
pixel;r=2052396271;rf=0;a=p-qeQMJsFNW6YvZ;url=https%3A%2F%2Fmemberdeals.com%2Fcorporateshopping%2Fpages.php%3Fsub%3Dknott-berry-farm%26login%3D1;uht=2;fpan=1;fpa=P0-1326925348-1630334473582;pbcn=u;...
pixel.quantserve.com/
35 B
370 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=2052396271;rf=0;a=p-qeQMJsFNW6YvZ;url=https%3A%2F%2Fmemberdeals.com%2Fcorporateshopping%2Fpages.php%3Fsub%3Dknott-berry-farm%26login%3D1;uht=2;fpan=1;fpa=P0-1326925348-1630334473582;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=memberdeals.com;je=0;sr=1600x1200x24;dst=1;et=1630334473582;tzo=-120;ogl=
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Aug 2021 14:41:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=718980415;rf=0;a=p-zhY3S1asLzBpZ;url=https%3A%2F%2Fmemberdeals.com%2Fcorporateshopping%2Fpages.php%3Fsub%3Dknott-berry-farm%26login%3D1;uht=2;fpan=0;fpa=P0-1326925348-1630334473582;pbcn=u;p...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=718980415;rf=0;a=p-zhY3S1asLzBpZ;url=https%3A%2F%2Fmemberdeals.com%2Fcorporateshopping%2Fpages.php%3Fsub%3Dknott-berry-farm%26login%3D1;uht=2;fpan=0;fpa=P0-1326925348-1630334473582;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=memberdeals.com;je=0;sr=1600x1200x24;dst=1;et=1630334473583;tzo=-120;ogl=
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Aug 2021 14:41:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
track
events.api.boomtrain.com/event/
2 B
248 B
XHR
General
Full URL
https://events.api.boomtrain.com/event/track
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.113.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-113-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Aug 2021 14:41:14 GMT
server
nginx
allow
GET, HEAD, OPTIONS, POST
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, x-app-id
content-length
2
nr-spa-1210.min.js
js-agent.newrelic.com/
41 KB
16 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1210.min.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
S2ZWAVF_bOLxH9dSP4fxyD9xCbMCwnq9
content-encoding
gzip
etag
"d5eff122d09ab2c851fb1780f0287cbf"
x-amz-request-id
WX0V4HYCNZMQF8V1
x-cache
HIT
content-length
15563
x-amz-id-2
V3NWDRAGc9SgNVtEBWiiDcINCoTerPj471IMrsQhETN32n9I20g9CtqBNYipCh1nBoNnp81FM40=
x-served-by
cache-fra19156-FRA
last-modified
Tue, 22 Jun 2021 22:47:08 GMT
server
AmazonS3
x-timer
S1630334474.130453,VS0,VE0
date
Mon, 30 Aug 2021 14:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
647
snippet.css
ebgcc.brightpattern.com/clientweb/chat-client-v4/css/
9 KB
9 KB
Stylesheet
General
Full URL
https://ebgcc.brightpattern.com/clientweb/chat-client-v4/css/snippet.css
Requested by
Host: ebgcc.brightpattern.com
URL: https://ebgcc.brightpattern.com/clientweb/chat-client-v4/build/chat-widget.min.js?cache-control=1337
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
34a0018f47b5df50f0969c6d85c594aebd9f58b31d0ee070c3bc4125b9c3dcce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 14:41:14 GMT
Last-Modified
Wed, 28 Jul 2021 19:02:20 GMT
Server
nginx/1.21.1
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8919
f30ac265f9
bam-cell.nr-data.net/1/
49 B
881 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/f30ac265f9?a=1108667&v=1210.e2a3f80&to=ZFUGY0tVWRdVB0ENVl0fMUVQG14KUAFNSklbQA%3D%3D&rst=3407&ck=1&ref=https://memberdeals.com/corporateshopping/pages.php&ap=459&be=1641&fe=3315&dc=2530&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1630334470759,%22n%22:0,%22f%22:420,%22dn%22:421,%22dne%22:421,%22c%22:421,%22s%22:437,%22ce%22:507,%22rq%22:507,%22rp%22:1188,%22rpe%22:1221,%22dl%22:1192,%22di%22:2528,%22ds%22:2528,%22de%22:2532,%22dc%22:3315,%22l%22:3315,%22le%22:3316%7D,%22navigation%22:%7B%7D%7D&fp=2353&fcp=2353&at=SBIFFQNPShk%3D&jsonp=NREUM.setToken
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 14:41:15 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlVTAAQBXFFTFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCRoLBFYBU3RMB05WAhtDXwYPCwdTAFYOAAFXAlBTAkBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
686ec75fce414107-PRG
f30ac265f9
bam-cell.nr-data.net/events/1/
24 B
503 B
XHR
General
Full URL
https://bam-cell.nr-data.net/events/1/f30ac265f9?a=1108667&v=1210.e2a3f80&to=ZFUGY0tVWRdVB0ENVl0fMUVQG14KUAFNSklbQA%3D%3D&rst=4774&ck=1&ref=https://memberdeals.com/corporateshopping/pages.php
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 30 Aug 2021 14:41:16 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://memberdeals.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
686ec76829854107-PRG
Content-Length
24
common.js
maps.googleapis.com/maps-api-v3/api/js/45/8b/
87 KB
32 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/45/8b/common.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
532c38e69af5268621d36b08c921d395e708031d1d5e0e921932a53ea0f5d23d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 08:08:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32205
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 23:52:40 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Aug 2022 08:08:21 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/45/8b/
289 KB
88 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/45/8b/util.js
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8d6ad556ba215c4a9d099f74275b4e77f4d3fb91eeb6c21dafa186feaef92f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:56:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90471
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 23:52:40 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 13:56:29 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/
62 B
84 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fmemberdeals.com%2Fcorporateshopping%2Fpages.php%3Fsub%3Dknott-berry-farm%26login%3D1&2sgme-entertainmentbenefits&callback=_xdc_._bq6odh&client=gme-entertainmentbenefits&token=102712
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
a2780b09b845792d5985f171d6f4f42eb1e53396004f02c8a3b047cf04c1ab46
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Aug 2021 14:41:18 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f30ac265f9
bam-cell.nr-data.net/events/1/
24 B
503 B
XHR
General
Full URL
https://bam-cell.nr-data.net/events/1/f30ac265f9?a=1108667&v=1210.e2a3f80&to=ZFUGY0tVWRdVB0ENVl0fMUVQG14KUAFNSklbQA%3D%3D&rst=13407&ck=1&ref=https://memberdeals.com/corporateshopping/pages.php
Requested by
Host: memberdeals.com
URL: https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://memberdeals.com/corporateshopping/pages.php?sub=knott-berry-farm&login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 30 Aug 2021 14:41:24 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://memberdeals.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
686ec79e1f024107-PRG
Content-Length
24

Verdicts & Comments Add Verdict or Comment

351 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| _js_ebgurl string| css function| setCookie function| getCookie function| jQueryWait function| display_campaign function| adjust_header object| scripts string| LI_AFFILIATE_ID object| li_info object| kWidgetWrapper object| InteractionAnalytics object| InteractionAnalyticsUtility object| EBGData object| rfk string| rfk_product_base_path string| site_id function| bt object| _bt object| ebg object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| AdobePrivacy object| targetGlobalSettings object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| trackReflektion function| url string| _TAW_AFFILIATE_FOLDER object| NREUM object| newrelic function| __nr_require function| $ function| jQuery boolean| mapLoaded function| objectKeys function| initCombinedSearch function| convert_vendor_fields function| vendor_copy_information function| validate_salesforce_form function| firstalert undefined| firstalert_callback function| firstalert_select function| popup_seats function| link_provinces function| generateVideo function| number_format function| appendScriptUrl undefined| geocoder undefined| directionsService undefined| directionsDisplay undefined| mapInstance function| generateMap function| attachCopyFunction function| copyToClipboard function| blank function| unblank function| seeMore function| currency function| wasFromHere function| initQuickFind function| customFilterAND function| OpenResponsiveModal function| validateADAForm function| submitADAForm function| openContentModal function| goBack object| CaptureEmail function| ceModal object| ados string| protocol object| z object| s function| getUrlParameter function| filterProductPage function| switchHash function| openProductPageVideoModal object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| SEARCH_SETTINGS object| HotelFilter object| HotelCallback object| adults_per_room object| children_per_room object| child_ages_per_room number| max_child_age number| max_children_per_room number| max_adults_per_room object| hotel_quick_find_results object| hotel_loading_bar function| HotelLoadingBar boolean| hotels_loading_slow function| hotel_loading function| buildSelect function| make_star function| isNumber function| getHotelAvailability function| addHotelsToQuickFind function| getSearchUuid function| searchComplete function| CompileHotel function| setChildAge function| setNumAdults function| setNumChildren function| setNumRooms function| renderRoomSelect function| RefreshSearchWidget function| getValue function| initHotels function| initPlaceAutocomplete function| getUrlParam number| ITEMS_PER_PAGE number| PAGE_NUMBER number| TOTAL_ITEMS number| MAX_ITEMS string| RESULT_CONTAINER string| PAGER_CONTAINER boolean| PAGER_RUNNING boolean| DONT_GO_TO_TOP function| refreshPage function| goToPage function| sorting function| filterName function| filterPrice function| filterRating function| filterLandmark function| distance function| getDateInDays function| tohttps function| hotel_hqimg string| ebg_resources_domain string| ebg_cdn_domain boolean| viewToggleUsed object| search_items string| GoogleAnalyticsObject function| ga object| SERVICE_PATTERN_CHAT_CONFIG object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| getThisScriptObject object| selfScriptTag function| extractOriginFromUrl string| chatPath function| loadScripts boolean| initialized function| ready object| __CF$cv$params object| a0_0x433e function| a0_0x3d7e function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap number| adobe_request_count object| zerk_base64 function| zerk_generateUUID function| zerk_getQueryVariable function| adosRun function| cssLoad function| cssLinkLoad function| azHtmlLoad function| azScriptSRCLoad function| azScriptExtensionLoad function| azRegisterExtension function| azInitExtension function| ados_async_load function| azScriptInlineLoad function| azLoad function| zshow function| ados_addInlinePlacement function| ados_add_placement function| ados_addPlacement function| ados_loadDiv function| ados_setIp function| ados_setIP function| ados_setUserAgent function| ados_setUser function| ados_setConsent function| ados_setKeywords function| ados_setProperties function| ados_setKeywordCookie function| ados_setNoTrack function| ados_setDomain function| ados_setLatitude function| ados_setLongitude function| ados_setRadius function| ados_loadTags function| ados_setWriteResults function| ados_setPassbackTimeout function| ados_setAccessibility function| ados_log function| ados_addPlacementObject function| ados_refresh function| ados_loadResults function| ados_load function| ados_loadInline function| ados_loadPassback function| ados_passback_next function| ados_passback_last function| ados_findPassback function| azk_clearframe function| ados_passback function| azk_passback function| ados_execPassback function| ados_timeoutExpired function| ados_frameLoaded function| ados_passbackFilled function| ados_passbackWritePixel function| ados_writePixel function| ados_writeGenericPixel function| ados_loadFIframe function| ados_passback_receiveMessage object| zItems object| adosResults object| __core-js_shared__ object| children_ages_select_html object| children_age_columns_found string| adult_select_html string| children_select_html object| _qevents object| s_i_entbenmember function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| platform boolean| adobepageviewfired string| pubcidCookie string| raw__80792 function| raw_command__85150 string| pixel__34764 function| pixel_command__98550 string| raw__74347 function| raw_command__11587 string| pixel__77862 function| pixel_command__40719 string| raw__89837 function| raw_command__38718 string| pixel__99990 function| pixel_command__97491 string| raw__13680 function| raw_command__34878 string| pixel__90391 function| pixel_command__82047 function| chatApiSessionBuildSessionFromSessionId function| chatApiSessionCheckSessionExists function| chatApiSessionCreateSession function| chatApiSessionCreateSessionHandler function| chatApiSessionCreateSessionHandlerHelpers function| escapeHTML function| escapeRecursive function| isValidHrefAttribute function| isValidProtocol function| isValidHost function| isValidEmailAddress function| chatApiSessionHandleEvents function| chatApiSessionHandleHistoryEvents function| chatApiSessionPrepareRequest function| chatApiSessionPrintToConsole function| chatApiSessionSendXhr function| chatApiSessionStartPoll object| chatApiSessionVariables function| clientChatPageConfigurationChat function| clientChatPageConnection function| clientChatPageGenerateInputs function| clientChatPageGetConnectRequestData function| clientChatPageGetUrlVars function| clientChatPageInitDragAndDrop function| clientChatPageMakeId function| clientChatPageOnFormSubmit function| clientChatPageOnMessage function| clientChatPageOnReady object| persistentChat function| clientChatPageSafeEndSession function| clientChatPageSafeEndSessionConfirm function| clientChatPageShowForm function| clientChatPageUpdateScrollbar function| clientChatPageUploadFiles object| clientChatPageVariables function| clientChatUiAppendLog function| clientChatUiChatMessageTyping function| clientChatUiEscapeHtml function| clientChatUiI18n function| clientChatUiMsgKeyPress function| clientChatUiNotTyping function| clientChatUiPrepareEvent function| clientChatUiSendLocation function| clientChatUiSendMessage function| clientChatUiSendNavigation object| clientChatUiVariables object| callbackUtilService object| commonUtilService object| commonConstants object| htmlUtilService function| buildProactiveOfferPreview function| proactiveChatStarter object| proactiveOfferService function| scaleProactiveOffer object| widgetConfiguration function| chatCompareUrl function| constructorConfigurationPreview function| constructorHelpers function| constructorPreviewCode function| chatPreview function| chatSnippet function| snippetBuild function| snippetChatUrl function| snippetCheckAddFrame function| snippetCheckAvailability function| snippetCheckDeviceSupport function| loadCobrowsingSolution function| removeCobrowsingPopup function| showCobrowsingStartPopup function| snippetConfigurationSnippet function| snippetDraggable function| snippetHandleAvailability function| snippetHelperFunctions function| snippetKeepOpenedState function| snippetOnInitialize function| snippetOpenChat function| snippetShowNotification object| snippetSurfly object| snippetTogetherJs function| snippetVariables function| updateChatStyles object| cobrowsingSolution object| _xdc_

1 Cookies

Domain/Path Name / Value
.memberdeals.com/ Name: _bti
Value: %7B%22app_id%22%3A%22ebg-md%22%2C%22bsin%22%3A%22vwiestL8PNecEJGl8TK5NWg0Ye%2BmsLaiX9LlSnJfYwUsMG1L4LYVqx3j7B0VOhaZViYOreddAOKWMxsO%2Fq6oZQ%3D%3D%22%7D

2 Console Messages

Source Level URL
Text
console-api log URL: https://memberdeals.com/js/jquery-migrate-3.0.0.min.js?ebgcbv=82(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.0.0
console-api warning URL: https://maps.googleapis.com/maps-api-v3/api/js/45/8b/util.js(Line 240)
Message:
Google Maps JavaScript API warning: RetiredVersion https://developers.google.com/maps/documentation/javascript/error-messages#retired-version

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
bam-cell.nr-data.net
cdn.boomtrain.com
cm.everesttech.net
dpm.demdex.net
e-49.adzerk.net
ebgcc.brightpattern.com
entertainmentbenefit.tt.omtrdc.net
entertainmentbenefitsgroupllc.demdex.net
events.api.boomtrain.com
js-agent.newrelic.com
maps.googleapis.com
memberdeals.com
people.api.boomtrain.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
smetrics.memberdeals.com
static.adzerk.net
stats.g.doubleclick.net
trk.cp20.com
www.ebgaffiliates.com
www.google-analytics.com
104.18.11.167
104.18.29.205
13.224.93.106
13.224.93.94
15.188.95.229
151.101.13.27
162.247.243.147
199.101.26.126
216.24.224.100
2406:da00:ff00::1717:78cc
2600:9000:2190:7c00:6:44e3:f8c0:93a1
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:828::200e
2a00:1450:400c:c06::9d
2a02:26f0:6c00:299::1e80
34.195.31.102
34.240.223.28
34.251.77.56
52.72.113.151
99.80.210.73
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
06708edc30f6877320af98a385a4350ad9769c1aca9d44f8a262acf0c6dfefbd
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
15d606221f7a3f8ed27c71ad699247b2e830374a16c90ac8c813344e163a815f
1d24d4a11bd569cd44e25a8c36341f9669fa448d55bbad6c993ac3362e852711
2eec22fcd09b2b38293ffa6f773ffbe507618a06c2f422c077ae565b15f9e6a5
304b2f0dfab1cc3199c2ed488f64837bdd026a879223e853250b56c906b44800
31d719da1f3f90b7aaefde03914d0ef904fc4702e2b3a1c39dbe32286fb292ef
34a0018f47b5df50f0969c6d85c594aebd9f58b31d0ee070c3bc4125b9c3dcce
3eb66a8cf6e9afd0f8dc07d5fc6595520d66ea06aa5156182ab09f4190e5ebd6
40073d8997c3dd31bc10edfd8601660cad988a7601170e17b19f4331eaf5c6e9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4471d3760ad27b466ca99f4e9ac126ee8d9eb24d7d9989561b12e40ca118dcf0
448e99a570408c6cf2eda6133ec9ea7b86b8494120fc2ab35f7fbab75fefa5e8
48669852d6632e41ca830bccd57f27113474d8a71a7c7decff190e40bf7010ad
4897eaf475af9e6e75d9bf8a87a2c7828ada48049941bae97eae46a890da8b97
4e61fb83f5e809e99b7b99517396b685e8090b5afc7e7c2f5241c01f76f2ddd2
4e9012c94be17d8875f1e8d027ee9c19b2006928da2ecc9350ca10a5a4648a2f
4ee687048ae2ee0d9219ee921687dc0c9d5d0c10aaa07f84ff58db035ea95cd3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
532c38e69af5268621d36b08c921d395e708031d1d5e0e921932a53ea0f5d23d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a436af94f9175cf7c9c7f7d30264770dbb67cb2f6b4a36b4743072113818a31
670f9f133ae7b82f0b92b0b016879f59d2ebd885294c0d69f732860a9ecf609a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c81f4dfe91ce41444220ac866f74c8aeed63b3341fef207bc5a36641b765f75
6dcf743efbf47f310fd9243d9aa78f4c3f6ee8ea260ad2f3d17a4fdda2479ab7
72bcf3587f38b15e822efa3819b0ab8a6c7a122df5de84d8a3a1107c90ed3b23
73eea67db0264d50ca341a7efe055e80f6ff79f6581de3e2843a6f59d879e39f
752368d8f99174f2fc5fa93fe6df67c648f071976ec89d1de698360c31c4c892
766ad6532190efa0b3aed028c65b2b8f1bb95267d4826d79987a065e8dd49e59
7708e78140263c392624a73649d0ec75e3712e4c5cc6873f720c64095744dac7
79b5e8859e5145688d42f1789aae0c3b41061cd4bd8b786ea49d8b7f081bc9e0
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
83a30bfc8366c589a1ebcf1758da618316c75378ba032df4b34078179ff204df
920e97989c141b12af50d25f38ea63ecbc9ca689c8695c005e5fcca8a8d54e31
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
9cd60e08308ac0d8d91d3cc2b6c4162607c6217b9e350e01854fbdbb70164747
9de3a50b788d4d10f21f2f5acadd41679b0d1d5fd2abd08f19e468ffb8b41050
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2780b09b845792d5985f171d6f4f42eb1e53396004f02c8a3b047cf04c1ab46
a44b5727bd453959ba8f2ae37fd2359272b730ada09e80fb2a5bbffd086ef075
a4e4ccc4357349a0512f55e32e48ea74fee0a72e270a6ca5e22b9231ebc41f75
a573a5c7e757fc9ff9bb66611d63178290d28423fa744badb37f71459e8910bb
a8596247e6f945dea1725bc260752fb8284052797e1b723253258e09f26fb776
a8d6ad556ba215c4a9d099f74275b4e77f4d3fb91eeb6c21dafa186feaef92f8
ad0f0c43275b9b3e8168a658af0c85875bb62dd70a24d90907cff2e4a8fddbd0
ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af7c335b54961e4ecb9180b379a168bfe1327d9294f3e1e9731c093bd32558a4
ba729661c14d7e8d902bb104a410fdab3fe511fa87084d400d6575bd65cd71c4
bbe3ffbf7f7f70e70e77d87137a7c26e95a568aae85e97346f02f2817d4797c0
bcf4002eb375c47c590ca035ca0d69d745c11a3dfa19f0b2e2393013737c88da
c462532bb0540823bf082bd60733e1d88265d9f532e310da3a70fac9ff413df9
cd675b3c3919a2d6bdc0e317c3427ad7672f88447240ceb041988f1a330f905e
ce90b8602f4c03d98edd426e4f219012297257690a293fefdc4f7224890701f0
d0a7f2f8f9fd7deaf9316be6ac92379dfdfaea51dd9290a01d246890b8a24ce9
d33c0a117c7ced57311bb022928565cbc86f95bec538c8dbb58eae320880c8a8
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de879088a02b194eb0da406a872a2d17593dfc999c09f869b1292de7c24de9e6
dea3a717a46d3047e0f57e4eec51e4c1b9317d916d2c6a810d6bdbb6ce05d11d
df90a544d10f519dbebaf47025a33e4814bd6efc358fb5a999079e7a5fd57259
dfb7d296be29ea57f0128e153dbd7bedeaff8f7b0f61c80d68730b1ba8e6deb0
e1f11f59bbae8a7f7cccb00d4c5b44573d63897113a6af1674a3c27e8d9693f5
e2f07d83e08cea13142d0910411328a2ac03404ed50953e9f1ec60cd12b367a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e744fc2b93e59bcbb17bec3fb46185876b3a0490ae24b4dbead87f1094ea5127
e7950f2a63949c53127bc6213076a4ec229538b493ed10b5cef141f0f46dbd18
e9228e9660ad4173083cb4d622c22d33c09a1e5a99967a8c5dae1ffcc9259782
ea2df61f66be4b0ea69002ddbcfca25c045854e5a6e05c163cff8b5191fa349b
ed953262370c9dd1f14474cc6d4c24d6f7ef4a2327f419acb656a02ee26b1ea6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23081bfd910188aac6eb78f27b1113a8974c00658e3d9c14451927e2da64a6e
f45c73c0747a0f7b5e5eec6fbc6250a562a0a009b04012eaf80aa52d4e51a55a
f69ebbd9d36211cef558cb24f539fb4c6ad866dc603cdc8f588ee3f63dbe3b5d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fde540937bb39aa7dea3c68014204f32c0254e3f80b488bd5c0f48c413807a90