share.acorns.com Open in urlscan Pro
3.225.29.247 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://share.acorns.com/charlesstorks
Effective URL:
https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=...
Submission: On August 12 via manual (August 12th 2021, 12:21:14 pm UTC) from US

Summary HTTP 14 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 3.225.29.247, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is share.acorns.com.
TLS certificate: Issued by R3 on July 22nd 2021. Valid for: 3 months.

This is the only time share.acorns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	3.225.29.247 3.225.29.247	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
6	2a02:26f0:fb:... 2a02:26f0:fb:592::10f5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	4

6 3.225.29.247 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-29-247.compute-1.amazonaws.com

share.acorns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States)

ASN54113 (FASTLY, US)

sqy7rm.media.zestyio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:fb:592::10f5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

origin.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origin-7.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origin-0.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origin-4.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	xtlo.net origin.xtlo.net origin-7.xtlo.net origin-0.xtlo.net origin-4.xtlo.net	707 KB
6	acorns.com 1 redirects share.acorns.com	24 KB
2	googleapis.com fonts.googleapis.com	1022 B
1	zestyio.com sqy7rm.media.zestyio.com	3 KB
14	4

	Domain	Requested by
6	share.acorns.com	1 redirects share.acorns.com
2	origin-0.xtlo.net	share.acorns.com
2	origin-7.xtlo.net	share.acorns.com
2	fonts.googleapis.com	share.acorns.com
1	origin-4.xtlo.net	share.acorns.com
1	origin.xtlo.net	share.acorns.com
1	sqy7rm.media.zestyio.com	share.acorns.com
14	7

This site contains links to these domains. Also see Links.

Domain
signup.acorns.com
www.acorns.com

Subject Issuer	Validity	Valid
share.acorns.com R3	`2021-07-22` - `2021-10-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.media.zestyio.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-19` - `2022-05-21`	a year	crt.sh
media.extole.com GeoTrust RSA CA 2018	`2021-07-29` - `2022-07-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
Frame ID: FA2C0AADFBABC4F035D20A5096CBAB13
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://share.acorns.com/charlesstorks HTTP 302
https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&ex... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

7
Subdomains

4
IPs

2
Countries

734 kB
Transfer

789 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://signup.acorns.com/?tierKey=GOLD&code=charlesstorks&s1=Referrals&referral_code=charlesstorks&campaign=6992340775173179141
Title: Get Started

Search URL Search Domain Scan URL

URL: https://www.acorns.com/pricing/?s1=Referrals&referral_code=charlesstorks&campaign=6992340775173179141
Title: Compare subscription tiers

Search URL Search Domain Scan URL

URL: https://www.acorns.com/referral-agreement/
Title: referral agreement.

Search URL Search Domain Scan URL

URL: https://signup.acorns.com/signup?tierKey=GOLD&s1=organic%20-%20(invite)&campaign=6992340775173179141
Title: Don't have a code?Sign Up Now

Search URL Search Domain Scan URL

URL: https://www.acorns.com/support/?_ga=1.215546071.1513112250.1436293244
Title: Need Help?Contact Us Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://share.acorns.com/charlesstorks HTTP 302
https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request friend_landing_experience_microsite Show response
share.acorns.com/zones/
Redirect Chain

https://share.acorns.com/charlesstorks
https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks

24 KB
7 KB

251ms
251ms

Document
text/html

3.225.29.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.225.29.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-29-247.compute-1.amazonaws.com

Software

Extole /

Resource Hash

3d31e139ed66191e359afa9cb0c496da4287265da173528b7d31ee716a6ec043

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.extole.com
X-Frame-Options	ALLOW-FROM https://*.extole.com

Request headers

:method: GET
:authority: share.acorns.com
:scheme: https
:path: /zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: access_token=T665VMD8A16AAE7QSHPHQG6QPF; xtl_bid=6995517565269019033
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 12:20:57 GMT
content-type: text/html;charset=UTF-8
content-length: 6084
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-expose-headers: X-Extole-Token
content-encoding: gzip
content-security-policy: frame-ancestors https://*.extole.com
p3p: CP="Please see our privacy policy"
set-cookie: access_token=T665VMD8A16AAE7QSHPHQG6QPF;Version=1;Domain=share.acorns.com;Path=/;Max-Age=31536000;Secure;HttpOnly;Expires=Fri, 12 Aug 2022 12:20:57 GMT;SameSite=None xtl_bid=6995517565269019033;Version=1;Domain=share.acorns.com;Path=/;Max-Age=31536000;Secure;HttpOnly;Expires=Fri, 12 Aug 2022 12:20:57 GMT;SameSite=None
vary: Origin Accept-Encoding
x-extole-campaign: 6992340775173179141
x-extole-client-id: 1842186254
x-extole-input-event-id: 6995517564489892235
x-extole-token: T665VMD8A16AAE7QSHPHQG6QPF
x-frame-options: ALLOW-FROM https://*.extole.com
server: Extole
expires: Thu, 12 Aug 2021 12:20:56 GMT
cache-control: no-cache

Redirect headers

date: Thu, 12 Aug 2021 12:20:57 GMT
content-type: text/html
content-length: 20
location: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-expose-headers: X-Extole-Token
content-encoding: gzip
content-security-policy: frame-ancestors https://*.extole.com
p3p: CP="Please see our privacy policy"
set-cookie: access_token=T665VMD8A16AAE7QSHPHQG6QPF;Version=1;Domain=share.acorns.com;Path=/;Max-Age=31536000;Secure;HttpOnly;Expires=Fri, 12 Aug 2022 12:20:57 GMT;SameSite=None xtl_bid=6995517565269019033;Version=1;Domain=share.acorns.com;Path=/;Max-Age=31536000;Secure;HttpOnly;Expires=Fri, 12 Aug 2022 12:20:57 GMT;SameSite=None
vary: Origin Accept-Encoding
x-extole-campaign: 6992340775173179141
x-extole-client-id: 1842186254
x-extole-input-event-id: 6995517564338403076
x-extole-token: T665VMD8A16AAE7QSHPHQG6QPF
x-frame-options: ALLOW-FROM https://*.extole.com
server: Extole

GET
H2 200 css
fonts.googleapis.com/ 1 KB
521 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%20Sans

Requested by

Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90ae8acc52724a0db71ab879652d7f91ac6df14092934b6d5118d16a5b2e6f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://share.acorns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 11:45:05 GMT
server: ESF
date: Thu, 12 Aug 2021 12:20:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Aug 2021 12:20:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
501 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%20Sans:600

Requested by

Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3612b95f548487013d3299b7bdf0174b5e094cf9aeceb73c9eb3796158febe45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://share.acorns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:20:57 GMT
server: ESF
date: Thu, 12 Aug 2021 12:20:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Aug 2021 12:20:57 GMT

GET
H2 200 core.js Show response
share.acorns.com/ 41 KB
14 KB 108ms
108ms Script
application/javascript 3.225.29.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://share.acorns.com/core.js
Requested by: Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.225.29.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-29-247.compute-1.amazonaws.com
Software: Extole /
Resource Hash: 1358828490c86f03f067497ebed61728fea4b43a2f156b8278ec8f4c3167cf7c

Request headers

:path: /core.js
pragma: no-cache
cookie: access_token=T665VMD8A16AAE7QSHPHQG6QPF; xtl_bid=6995517565269019033
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: share.acorns.com
referer: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 12:20:57 GMT
content-encoding: gzip
server: Extole
vary: Origin Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
p3p: CP="Please see our privacy policy"
x-extole-client-id: 1842186254
access-control-max-age: 3600
cache-control: no-transform, max-age=3600
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
access-control-expose-headers: X-Extole-Token

GET
H2 200 acorns-green-logo.png
sqy7rm.media.zestyio.com/ 3 KB
3 KB 66ms
20ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/acorns-green-logo.png
Requested by: Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f77b3c5a644a759462ec50ff9ca456fe2baa06e6401c5cdc3b6aa92ee2ac338e

Request headers

Referer: https://share.acorns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 12:20:57 GMT
via: 1.1 varnish, 1.1 varnish
age: 1835254
x-cache: HIT, HIT
fastly-io-info: ifsz=7200 idim=238x64 ifmt=png ofsz=2700 odim=238x64 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 2700
server: UploadServer
etag: "RBouuqHj7pajNK6Q/Wd1X5huu1mxZdJMLBa98/+hB4U"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
x-hash: crc32c=ljM5gg==
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Jul 2021 07:33:23 GMT

GET
H/1.1 200
OK Referral-Image.png
origin.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=6992340776211414398:version=10:coreAssetsVersion=49/img/ 704 KB
700 KB 348ms
320ms Image
image/png 2a02:26f0:fb:592::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=6992340776211414398:version=10:coreAssetsVersion=49/img/Referral-Image.png
Requested by: Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:fb:592::10f5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 8feb36fdef4b2f6deaccf164c01b40d4158e939b705c8e402c0ed389bd3f9e53

Request headers

Referer: https://share.acorns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 12:20:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 21:50:54 GMT
Server: Extole
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: no-transform, max-age=2591999
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding

GET
H/1.1 200
OK MainView.js Show response
origin-7.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=6992340776211414398:version=10:coreAssetsVersion=49/js/ 1 KB
991 B 43ms
13ms Script
application/javascript 2a02:26f0:fb:592::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-7.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=6992340776211414398:version=10:coreAssetsVersion=49/js/MainView.js?site=share.acorns.com
Requested by: Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:fb:592::10f5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 84fa590ff15085065ea3b4d6cd341a41c97f148a258ab12db80565573b011994

Request headers

Origin: https://share.acorns.com
Referer: https://share.acorns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 12:20:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 21:50:54 GMT
Server: Extole
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: no-transform, max-age=2591983
Connection: keep-alive
Content-Length: 632

GET
H/1.1 200
OK user-service.js Show response
origin-0.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=49/common/ 6 KB
2 KB 42ms
13ms Script
application/javascript 2a02:26f0:fb:592::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-0.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=49/common/user-service.js?site=share.acorns.com
Requested by: Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:fb:592::10f5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 8bd3784082637275a1208fa17960e043094c00c4561ad5bbdc6dbdf2eb4cac9d

Request headers

Origin: https://share.acorns.com
Referer: https://share.acorns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 12:20:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 12:20:40 GMT
Server: Extole
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: no-transform, max-age=2591983
Connection: keep-alive
Content-Length: 1843

GET
H/1.1 200
OK ElementControl.js Show response
origin-0.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=49/common/client/ 3 KB
1 KB 13ms
13ms Script
application/javascript 2a02:26f0:fb:592::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-0.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=49/common/client/ElementControl.js?site=share.acorns.com
Requested by: Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:fb:592::10f5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 73e60c0e0531f1d98a455041ed114b13c731a34e19eccb3ced3711ead8af4a1f

Request headers

Origin: https://share.acorns.com
Referer: https://share.acorns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 12:20:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 12:20:40 GMT
Server: Extole
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: no-transform, max-age=2591983
Connection: keep-alive
Content-Length: 1056

GET
H/1.1 200
OK me-shareable-service.js Show response
origin-7.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=49/common/client/ 2 KB
1 KB 14ms
13ms Script
application/javascript 2a02:26f0:fb:592::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-7.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=49/common/client/me-shareable-service.js?site=share.acorns.com
Requested by: Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:fb:592::10f5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: d302abab20ada69f57216c163ba863e373851b2fa617214433b45f457b3a6793

Request headers

Origin: https://share.acorns.com
Referer: https://share.acorns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 12:20:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 12:20:40 GMT
Server: Extole
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: no-transform, max-age=2591983
Connection: keep-alive
Content-Length: 975

GET
H/1.1 200
OK api.js Show response
origin-4.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=49/common/ 3 KB
2 KB 43ms
13ms Script
application/javascript 2a02:26f0:fb:592::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-4.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=49/common/api.js?site=share.acorns.com
Requested by: Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:fb:592::10f5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 65085aba5d21778380ba2f13584bf59232d91078b8854331fc1704ab0d6e3b39

Request headers

Origin: https://share.acorns.com
Referer: https://share.acorns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 12:20:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 12:20:40 GMT
Server: Extole
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: no-transform, max-age=2591983
Connection: keep-alive
Content-Length: 1267

GET
H2 200 token Show response
share.acorns.com/api/v4/ 129 B
860 B 107ms
107ms XHR
application/json 3.225.29.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://share.acorns.com/api/v4/token
Requested by: Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.225.29.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-29-247.compute-1.amazonaws.com
Software: Extole /
Resource Hash: 3e93b687bfcd7699f3422539243c6623382dee876db8f31eafd73c125d1e497e

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-extole-app: javascript_sdk
sec-fetch-dest: empty
cookie: access_token=T665VMD8A16AAE7QSHPHQG6QPF; xtl_bid=6995517565269019033
:path: /api/v4/token
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: share.acorns.com
referer: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
X-Extole-App: javascript_sdk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 12 Aug 2021 12:20:57 GMT
content-encoding: gzip
server: Extole
vary: Origin Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
p3p: CP="Please see our privacy policy"
x-extole-client-id: 1842186254
access-control-expose-headers: X-Extole-Token
cache-control: no-cache
access-control-allow-credentials: true
set-cookie: access_token=T665VMD8A16AAE7QSHPHQG6QPF;Version=1;Domain=share.acorns.com;Path=/;Max-Age=31536000;Secure;HttpOnly;Expires=Fri, 12 Aug 2022 12:20:57 GMT;SameSite=None xtl_bid=6995517565269019033;Version=1;Domain=share.acorns.com;Path=/;Max-Age=31536000;Secure;HttpOnly;Expires=Fri, 12 Aug 2022 12:20:57 GMT;SameSite=None
content-type: application/json
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length: 128
expires: Thu, 12 Aug 2021 12:20:56 GMT

GET
H2 200 me Show response
share.acorns.com/api/v4/ 265 B
762 B 107ms
107ms XHR
application/json 3.225.29.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://share.acorns.com/api/v4/me
Requested by: Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.225.29.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-29-247.compute-1.amazonaws.com
Software: Extole /
Resource Hash: 48fefe609281465ff253a06802e76884dc8b2c1ecc62c0fe13fec58fbb64a9e9

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-extole-app: javascript_sdk
authorization: T665VMD8A16AAE7QSHPHQG6QPF
sec-fetch-dest: empty
cookie: access_token=T665VMD8A16AAE7QSHPHQG6QPF; xtl_bid=6995517565269019033; extole_access_token=T665VMD8A16AAE7QSHPHQG6QPF
:path: /api/v4/me
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: share.acorns.com
referer: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
:scheme: https
sec-fetch-site: same-origin
:method: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
X-Extole-App: javascript_sdk
Authorization: T665VMD8A16AAE7QSHPHQG6QPF
Content-Type: application/json

Response headers

date: Thu, 12 Aug 2021 12:20:58 GMT
content-encoding: gzip
server: Extole
vary: Origin Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
p3p: CP="Please see our privacy policy"
x-extole-client-id: 1842186254
access-control-expose-headers: X-Extole-Token
cache-control: no-cache
access-control-allow-credentials: true
set-cookie: xtl_bid=6995517565269019033;Version=1;Domain=share.acorns.com;Path=/;Max-Age=31536000;Secure;HttpOnly;Expires=Fri, 12 Aug 2022 12:20:58 GMT;SameSite=None
content-type: application/json
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length: 163
expires: Thu, 12 Aug 2021 12:20:57 GMT

GET
H2 200 me Show response
share.acorns.com/api/v4/ 265 B
762 B 106ms
106ms XHR
application/json 3.225.29.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://share.acorns.com/api/v4/me
Requested by: Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.225.29.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-29-247.compute-1.amazonaws.com
Software: Extole /
Resource Hash: 48fefe609281465ff253a06802e76884dc8b2c1ecc62c0fe13fec58fbb64a9e9

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-extole-app: javascript_sdk
authorization: T665VMD8A16AAE7QSHPHQG6QPF
sec-fetch-dest: empty
cookie: access_token=T665VMD8A16AAE7QSHPHQG6QPF; xtl_bid=6995517565269019033; extole_access_token=T665VMD8A16AAE7QSHPHQG6QPF
:path: /api/v4/me
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: share.acorns.com
referer: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
:scheme: https
sec-fetch-site: same-origin
:method: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=charlesstorks
X-Extole-App: javascript_sdk
Authorization: T665VMD8A16AAE7QSHPHQG6QPF
Content-Type: application/json

Response headers

date: Thu, 12 Aug 2021 12:20:58 GMT
content-encoding: gzip
server: Extole
vary: Origin Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
p3p: CP="Please see our privacy policy"
x-extole-client-id: 1842186254
access-control-expose-headers: X-Extole-Token
cache-control: no-cache
access-control-allow-credentials: true
set-cookie: xtl_bid=6995517565269019033;Version=1;Domain=share.acorns.com;Path=/;Max-Age=31536000;Secure;HttpOnly;Expires=Fri, 12 Aug 2022 12:20:58 GMT;SameSite=None
content-type: application/json
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length: 163
expires: Thu, 12 Aug 2021 12:20:57 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
share.acorns.com/	1970-01-20 05:11:46	Name: extole_access_token Value: T665VMD8A16AAE7QSHPHQG6QPF
.share.acorns.com/	1970-01-20 05:11:46	Name: xtl_bid Value: 6995517565269019033
.share.acorns.com/	1970-01-20 05:11:46	Name: access_token Value: T665VMD8A16AAE7QSHPHQG6QPF

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://*.extole.com
X-Frame-Options	ALLOW-FROM https://*.extole.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
origin-0.xtlo.net
origin-4.xtlo.net
origin-7.xtlo.net
origin.xtlo.net
share.acorns.com
sqy7rm.media.zestyio.com
151.101.66.49
2a00:1450:4001:830::200a
2a02:26f0:fb:592::10f5
3.225.29.247
1358828490c86f03f067497ebed61728fea4b43a2f156b8278ec8f4c3167cf7c
3612b95f548487013d3299b7bdf0174b5e094cf9aeceb73c9eb3796158febe45
3d31e139ed66191e359afa9cb0c496da4287265da173528b7d31ee716a6ec043
3e93b687bfcd7699f3422539243c6623382dee876db8f31eafd73c125d1e497e
48fefe609281465ff253a06802e76884dc8b2c1ecc62c0fe13fec58fbb64a9e9
65085aba5d21778380ba2f13584bf59232d91078b8854331fc1704ab0d6e3b39
73e60c0e0531f1d98a455041ed114b13c731a34e19eccb3ced3711ead8af4a1f
84fa590ff15085065ea3b4d6cd341a41c97f148a258ab12db80565573b011994
8bd3784082637275a1208fa17960e043094c00c4561ad5bbdc6dbdf2eb4cac9d
8feb36fdef4b2f6deaccf164c01b40d4158e939b705c8e402c0ed389bd3f9e53
90ae8acc52724a0db71ab879652d7f91ac6df14092934b6d5118d16a5b2e6f2b
d302abab20ada69f57216c163ba863e373851b2fa617214433b45f457b3a6793
f77b3c5a644a759462ec50ff9ca456fe2baa06e6401c5cdc3b6aa92ee2ac338e

share.acorns.com Open in urlscan Pro 3.225.29.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

50 %IPv6

4 Domains

7 Subdomains

4 IPs

2 Countries

734 kBTransfer

789 kBSize

3 Cookies

5 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

share.acorns.com Open in urlscan Pro
3.225.29.247 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

7
Subdomains

4
IPs

2
Countries

734 kB
Transfer

789 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions