urlscan.io logo urlscan.io
SecurityTrails logo

share.acorns.com Open in urlscan Pro
107.21.45.149  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://share.acorns.com/devinrexford
Effective URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=...
Submission: On September 21 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 2 countries across 16 domains to perform 57 HTTP transactions. The main IP is 107.21.45.149, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is share.acorns.com. The Cisco Umbrella rank of the primary domain is 148347.
TLS certificate: Issued by R3 on September 8th 2022. Valid for: 3 months.
This is the only time share.acorns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    107.21.45.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-45-149.compute-1.amazonaws.com
share.acorns.com
2    2607:f8b0:4006:81d::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    18.165.83.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-40.iad55.r.cloudfront.net
builder-assets.unbounce.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2600:1400:d:4a3::13b8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.optimizely.com
1    2607:f8b0:4006:80f::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4006:80c::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2600:141b:9000:79c::10f5 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
origin.xtlo.net
origin-0.xtlo.net
4    162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
vimeo.com
8    146.75.34.109 (Ashburn, United States)

ASN54113 (FASTLY, US)
i.vimeocdn.com
f.vimeocdn.com
1    23.5.226.225 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-226-225.deploy.static.akamaitechnologies.com
a627150995.cdn.optimizely.com
3    2607:f8b0:4006:81f::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2600:141b:9000:7a5::10f5 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
origin-7.xtlo.net
2    2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2607:f8b0:4006:81c::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:820::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.ca
3    2600:1400:d:588::10f5 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
origin-4.xtlo.net
origin-5.xtlo.net
origin-2.xtlo.net
2    34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com
fresnel.vimeocdn.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
2    3.212.5.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-5-64.compute-1.amazonaws.com
logx.optimizely.com
Apex Domain
Subdomains		 Transfer
14 xtlo.net
origin.xtlo.net — Cisco Umbrella Rank: 25782
origin-7.xtlo.net — Cisco Umbrella Rank: 184242
origin-0.xtlo.net — Cisco Umbrella Rank: 534041
origin-4.xtlo.net — Cisco Umbrella Rank: 63606
origin-5.xtlo.net — Cisco Umbrella Rank: 351040
origin-2.xtlo.net — Cisco Umbrella Rank: 475431
160 KB
10 vimeocdn.com
i.vimeocdn.com — Cisco Umbrella Rank: 2902
f.vimeocdn.com — Cisco Umbrella Rank: 3016
fresnel.vimeocdn.com — Cisco Umbrella Rank: 2886
273 KB
6 acorns.com
share.acorns.com — Cisco Umbrella Rank: 148347
34 KB
4 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 1759
vimeo.com — Cisco Umbrella Rank: 1656
37 KB
4 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 705
a627150995.cdn.optimizely.com — Cisco Umbrella Rank: 444578
logx.optimizely.com — Cisco Umbrella Rank: 1203
170 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 215
1 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 8529
608 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
608 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
512 B
2 gstatic.com
fonts.gstatic.com
34 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
2 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 326
18 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
42 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
28 KB
1 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 17883
3 KB
57 16
Domain Requested by
6 share.acorns.com 1 redirects share.acorns.com
5 f.vimeocdn.com player.vimeo.com
5 origin.xtlo.net share.acorns.com
4 origin-7.xtlo.net share.acorns.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 i.vimeocdn.com player.vimeo.com
3 player.vimeo.com share.acorns.com
cdn.optimizely.com
2 logx.optimizely.com cdn.optimizely.com
2 bam.nr-data.net player.vimeo.com
2 fresnel.vimeocdn.com f.vimeocdn.com
2 www.google.ca share.acorns.com
2 www.google.com share.acorns.com
2 stats.g.doubleclick.net www.google-analytics.com
2 origin-0.xtlo.net share.acorns.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com share.acorns.com
1 origin-2.xtlo.net share.acorns.com
1 js-agent.newrelic.com player.vimeo.com
1 origin-5.xtlo.net share.acorns.com
1 origin-4.xtlo.net share.acorns.com
1 vimeo.com f.vimeocdn.com
1 a627150995.cdn.optimizely.com cdn.optimizely.com
1 www.googletagmanager.com share.acorns.com
1 cdn.optimizely.com share.acorns.com
1 cdnjs.cloudflare.com share.acorns.com
1 builder-assets.unbounce.com share.acorns.com
57 26

This site contains links to these domains. Also see Links.

Domain
www.acorns.com
signup.acorns.com
Subject Issuer Validity Valid
share.acorns.com
R3		 2022-09-08 -
2022-12-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.unbounce.com
Amazon		 2022-02-08 -
2023-03-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
cdn.optimizely.com
DigiCert SHA2 Secure Server CA		 2021-12-24 -
2022-12-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
media.extole.com
GeoTrust RSA CA 2018		 2022-07-25 -
2023-07-28		 a year crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-17 -
2023-06-18		 a year crt.sh
*.cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-03 -
2023-06-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
vimeo.com
Cloudflare Inc ECC CA-3		 2022-03-18 -
2023-03-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
fresnel.vimeocdn.com
GTS CA 1D4		 2022-08-04 -
2022-11-02		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
logx.optimizely.com
Amazon		 2022-07-24 -
2023-08-22		 a year crt.sh

This page contains 4 frames:

Primary Page: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Frame ID: 67C2B368905E671A6BF261AA9189D001
Requests: 39 HTTP requests in this frame

Frame: https://player.vimeo.com/video/712213462?h=1fd7d8fbe0&badge=0&autopause=0&autoplay=0&muted=0&loop=1&player_id=0&app_id=58479
Frame ID: 884F7021F8AFBD33B9E31CCE18EF2423
Requests: 5 HTTP requests in this frame

Frame: https://a627150995.cdn.optimizely.com/client_storage/a627150995.html
Frame ID: C89FA8BB4EFAE7062AE2973A2091087E
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/714224408?h=8f5cc88fd2&badge=0&autopause=0&player_id=0&app_id=58479
Frame ID: EE432BB325EE084E4D7886D4E689C5C1
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Redeem your $5 investment!

Page URL History Show full URLs

  1. https://share.acorns.com/devinrexford HTTP 302
    https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&ex... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

98 %
HTTPS

57 %
IPv6

16
Domains

26
Subdomains

22
IPs

2
Countries

824 kB
Transfer

3084 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://share.acorns.com/devinrexford HTTP 302
    https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request friend_landing_experience_microsite
share.acorns.com/zones/
Redirect Chain
  • https://share.acorns.com/devinrexford
  • https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
90 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.21.45.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-45-149.compute-1.amazonaws.com
Software
Extole /
Resource Hash
576c3368887a0022b567f3fc0f5761468adac32e62428e7ae3a1cbe314d36486
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.extole.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://*.extole.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
content-encoding
gzip
content-security-policy
frame-ancestors https://*.extole.com
content-type
text/html;charset=UTF-8
date
Wed, 21 Sep 2022 14:40:57 GMT
expires
Wed, 21 Sep 2022 14:40:56 GMT
p3p
CP="Please see our privacy policy"
server
Extole
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Accept-Encoding
x-extole-token
G30U9VEC3PMBNM3IS1TC0PDITJ
x-frame-options
ALLOW-FROM https://*.extole.com

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
access-control-expose-headers
X-Extole-Token
content-encoding
gzip
content-length
20
content-security-policy
frame-ancestors https://*.extole.com
content-type
text/html
date
Wed, 21 Sep 2022 14:40:56 GMT
location
https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
p3p
CP="Please see our privacy policy"
server
Extole
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Accept-Encoding
x-extole-token
G30U9VEC3PMBNM3IS1TC0PDITJ
x-frame-options
ALLOW-FROM https://*.extole.com
css
fonts.googleapis.com/ 		2 KB
1017 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito%20Sans
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
224412cb30f93e51adfe6832c50b9b8f05109674abb1a7618ac08da241212eed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 14:06:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 21 Sep 2022 14:40:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Sep 2022 14:40:57 GMT
css
fonts.googleapis.com/ 		2 KB
591 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito%20Sans:600
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d9791763bcf08089691bf6321b19f3df30339f4af276753cd2e24e5381bfa9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 14:29:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 21 Sep 2022 14:40:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Sep 2022 14:40:57 GMT
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-40.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:59 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 16:47:32 GMT
server
AmazonS3
age
6334499
etag
"4458a4d76a70cb207bcc34d6bc6f872f"
x-cache
Hit from cloudfront
x-amz-version-id
L4ZmeoxkTVchyWCkJ77TONE89Elaj8X7
via
1.1 397dd692cad53f0026fab5b236c0a518.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
IAD55-P3
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
BbhAOWHM1eUCRVMb6ivf1vZrGzR1Rx0AXQwSiyZpJZO3eYzxJurDbw==
core.js
share.acorns.com/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://share.acorns.com/core.js
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.21.45.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-45-149.compute-1.amazonaws.com
Software
Extole /
Resource Hash
5afec0b6d87ea206e78439554fcbbcf2f489211557d33fc37643c20987a034f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:40:57 GMT
content-encoding
gzip
server
Extole
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
p3p
CP="Please see our privacy policy"
access-control-max-age
3600
cache-control
no-transform, max-age=3600
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
access-control-expose-headers
X-Extole-Token
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://share.acorns.com/
Origin
https://share.acorns.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:40:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2995206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27958
timing-allow-origin
*
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCYXOFdD49NToelh2hhBK1MfFEmSw3V7UdQHQcc6SsPzOgTUZkB78f0TopYa7n1qllJncJTtRsISJa6mn8RonbzgwmHA7A%2F7RIfBO5Ap%2FROB%2BdeeNBmTZaMd8srzcqRQFbXXxmP%2FtgCPMjz5OKu7jC1H"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74e38f14fc4bca57-YUL
expires
Mon, 11 Sep 2023 14:40:57 GMT
9730220283.js
cdn.optimizely.com/js/ 		841 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/9730220283.js
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a3::13b8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e38456598e37a6013ea229f809f15522de9d78c78be65c023df5d00b97b5a7b1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
NCzXkSAsxQVP1zueHvDScptKt8IP_sNz
content-encoding
gzip
etag
"6c65872aa7b94b4fb799199c1322adb7"
x-amz-request-id
1C97JX6H8PVWMY0N
x-amz-server-side-encryption
AES256
x-amz-meta-revision
6749
x-amz-replication-status
PENDING
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="52";dur=0,cdnip;desc="2600:1400:d:4a3::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
171207
x-amz-id-2
z2KEKZWzY93D6Jp0Bm9U+6hPA7AqzizWo5BiMk3opxy2lg1O51KjI82ayHAR1VbnKacfCL5lkyY=
last-modified
Tue, 20 Sep 2022 19:25:23 GMT
server
AmazonS3
date
Wed, 21 Sep 2022 14:40:57 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46142661-9
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
43a6e46ee33a64c7c17ea4c5ed55f8bb7b6bc6f492a43dbbb7106c1cc541d268
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:40:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42195
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Sep 2022 14:40:57 GMT
pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%20Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://share.acorns.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 21:09:57 GMT
x-content-type-options
nosniff
age
149460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17156
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:33:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 21:09:57 GMT
pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%20Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://share.acorns.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 21:09:46 GMT
x-content-type-options
nosniff
age
149471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16980
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:33:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 21:09:46 GMT
logo.png
origin.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=7142978284819369807:version=5:coreAssetsVersion=111/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=7142978284819369807:version=5:coreAssetsVersion=111/img/logo.png
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:79c::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
decbc84828ee4dbf9ca4e93259f7b6e19c31974e6dce36641ff22133eec64bb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Sep 2022 18:14:36 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=2585278
Connection
keep-alive
Content-Length
9833
bannerUltimate.png
origin.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=7142978284819369807:version=5:coreAssetsVersion=111/img/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=7142978284819369807:version=5:coreAssetsVersion=111/img/bannerUltimate.png
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:79c::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
bd933a0ee3d6e96635d1024150229f285892c448e8949ea3d161fef514782f23

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Sep 2022 18:14:36 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=2585213
Connection
keep-alive
Content-Length
122270
712213462
player.vimeo.com/video/ Frame 884F 		18 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/712213462?h=1fd7d8fbe0&badge=0&autopause=0&autoplay=0&muted=0&loop=1&player_id=0&app_id=58479
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24599e7c0fde3f48059e6d6c3b83a86d21378ce1578bba377c3e2085644288df
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://share.acorns.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
CF-Cache-Status
DYNAMIC
CF-RAY
74e38f160e70a228-YYZ
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Sep 2022 14:40:57 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
MISS
X-Cache-Hits
0
X-Player-Backend
p
X-Served-By
cache-yyz4526-YYZ
X-Timer
S1663771257.299329,VS0,VE43
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
expires
Wed, 21 Sep 2022 14:49:25 GMT
link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
x-backend-proxy
playproxy9
x-bapp-server
player-84c9846b45-vrkxt
x-content-type-options
nosniff
x-host
player-84c9846b45-vrkxt
x-varnish-cache
1
x-vserver
playproxy-rollout-prod-varnish-8
x-xss-protection
1; mode=block
checkedImage.png
origin.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=7142978284819369807:version=5:coreAssetsVersion=111/img/ 		346 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=7142978284819369807:version=5:coreAssetsVersion=111/img/checkedImage.png
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:79c::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
758c0a7e2c476a0d846463306fd425dab2f985c995abf8145978625c6e78aa64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Sep 2022 18:14:36 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=2587223
Connection
keep-alive
Content-Length
369
last_image.png
origin.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=7142978284819369807:version=5:coreAssetsVersion=111/img/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=7142978284819369807:version=5:coreAssetsVersion=111/img/last_image.png
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:79c::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
e5367d1810033fa860d4e9280b2b73718aab46f55c2cb2a0b92f151c29817adb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Sep 2022 18:14:36 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=2587254
Connection
keep-alive
Content-Length
18260
1435927138-1b2febfc2fc145cc889780e10d323695c2d727411ff822482dc0949364f4c8c6-d.jpg
i.vimeocdn.com/video/ Frame 884F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1435927138-1b2febfc2fc145cc889780e10d323695c2d727411ff822482dc0949364f4c8c6-d.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/712213462?h=1fd7d8fbe0&badge=0&autopause=0&autoplay=0&muted=0&loop=1&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
48fa2071490481acae68d289052b1b27ef7545ee34d56e9e4858a872334646fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:40:57 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
1375114
x-viewmaster-lossless-format
lossy
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
1779
viewmaster-server
viewmaster-us-east1-5tk1
x-served-by
cache-dfw-kdfw8210106-DFW, cache-iad-kjyo7100081-IAD
x-timer
S1663771258.543301,VS0,VE0
etag
bfe903f59494ce271f9203a7ca85365b
access-control-max-age
86400
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 2
player.js
f.vimeocdn.com/p/4.10.1/js/ Frame 884F 		191 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.10.1/js/player.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/712213462?h=1fd7d8fbe0&badge=0&autopause=0&autoplay=0&muted=0&loop=1&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:40:57 GMT
via
1.1 varnish
age
68606
x-served-by
cache-iad-kjyo7100038-IAD
vary
Accept-Encoding,x-http-method-override
x-cache
HIT
content-type
application/javascript
content-encoding
br
cache-control
max-age=1209600
accept-ranges
bytes
x-timer
S1663771258.526100,VS0,VE0
content-length
212091
x-cache-hits
8076
player.css
f.vimeocdn.com/p/4.10.1/css/ Frame 884F 		203 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.10.1/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/712213462?h=1fd7d8fbe0&badge=0&autopause=0&autoplay=0&muted=0&loop=1&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
367834876a24a605026df5c556f217621eaf75d1df34344227b3ab2bd2742fb2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:40:57 GMT
via
1.1 varnish
age
68606
x-served-by
cache-iad-kjyo7100038-IAD
vary
Accept-Encoding,x-http-method-override
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
content-encoding
br
cache-control
max-age=1209600
accept-ranges
bytes
x-timer
S1663771258.525974,VS0,VE0
content-length
20284
x-cache-hits
8035
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame 884F 		0
0
a627150995.html
a627150995.cdn.optimizely.com/client_storage/ Frame C89F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a627150995.cdn.optimizely.com/client_storage/a627150995.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9730220283.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.226.225 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-226-225.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
93a02422c2be349042d572a2817dfca086c8eeee92581ccb7aebe992fafaa472
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://share.acorns.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
803
content-type
text/html; charset=utf-8
date
Wed, 21 Sep 2022 14:40:57 GMT
etag
"62fda0ea398179fca8ad64f838ae701c"
last-modified
Tue, 20 Sep 2022 19:25:12 GMT
server
AmazonS3
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="17";dur=0,cdnip;desc="23.5.226.225";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-amz-id-2
YXUwWTCW21tIWlEDq7sutq/blhGsTjfPUbMcdG8mBQ44sUpLIExivRyqwMcrqB3PZhHIbbQM6UA=
x-amz-meta-pci_enabled
False
x-amz-replication-status
PENDING
x-amz-request-id
K8SSHE3N2ABBW3D5
x-amz-server-side-encryption
AES256
x-amz-version-id
_ZZMDcXIFriD0LU_eGuUZDXV5hP3yyvQ
714224408
player.vimeo.com/video/ Frame EE43 		49 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/714224408?h=8f5cc88fd2&badge=0&autopause=0&player_id=0&app_id=58479
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9730220283.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d79eda10add2b3ddc700f163780a2c1eeb63ce95d555f8182373e5c2bf5cac88
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://share.acorns.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
CF-Cache-Status
DYNAMIC
CF-RAY
74e38f187ad6a228-YYZ
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Sep 2022 14:40:57 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
MISS
X-Cache-Hits
0
X-Player-Backend
p
X-Served-By
cache-yyz4556-YYZ
X-Timer
S1663771258.687010,VS0,VE66
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
expires
Wed, 21 Sep 2022 14:44:16 GMT
link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
x-backend-proxy
playproxy2
x-bapp-server
player-84c9846b45-4lptg
x-content-type-options
nosniff
x-host
player-84c9846b45-4lptg
x-varnish-cache
1
x-vserver
playproxy-rollout-prod-varnish-1
x-xss-protection
1; mode=block
player.js
player.vimeo.com/api/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9730220283.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32c580e50f2df6739be4d12863694b740885c8aa6edbc80d87768f1af88f1005
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-varnish-cache
1
Date
Wed, 21 Sep 2022 14:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
Age
619
X-Cache
HIT
p3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
x-host
player-84c9846b45-mg4wb
Connection
keep-alive
x-vserver
playproxy-rollout-prod-varnish-0
Content-Length
6136
x-xss-protection
1; mode=block
X-Served-By
cache-yyz4539-YYZ
X-Player-Backend
p
Server
cloudflare
X-Timer
S1663771258.646975,VS0,VE0
x-backend-proxy
playproxy1
Vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript;charset=utf-8
via
1.1 varnish, 1.1 varnish
expires
Wed, 21 Sep 2022 14:54:13 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
player-84c9846b45-mg4wb
content-security-policy
default-src 'none'; style-src 'unsafe-inline'
Accept-Ranges
bytes
CF-RAY
74e38f183a81a228-YYZ
access-control-allow-origin
*
X-Cache-Hits
393
checkedImage.png
origin.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=7085194179666093450:version=1:coreAssetsVersion=96/img/ 		346 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=7085194179666093450:version=1:coreAssetsVersion=96/img/checkedImage.png
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:79c::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
758c0a7e2c476a0d846463306fd425dab2f985c995abf8145978625c6e78aa64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Apr 2022 23:08:55 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=1037813
Connection
keep-alive
Content-Length
369
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46142661-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
925
date
Wed, 21 Sep 2022 14:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Wed, 21 Sep 2022 16:25:32 GMT
MainView.js
origin-7.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=7142978284819369807:version=5:coreAssetsVersion=111/js/ 		1 KB
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://origin-7.xtlo.net/type=creativeArchive:clientId=1842186254:creativeArchiveId=7142978284819369807:version=5:coreAssetsVersion=111/js/MainView.js?site=share.acorns.com
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:7a5::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
e221399e5f2c3649f0b962f9b71f484aebccd64755de07c1bf810140ea469638

Request headers

Referer
https://share.acorns.com/
Origin
https://share.acorns.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Sep 2022 18:14:36 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=2585209
Connection
keep-alive
Content-Length
632
user-service.js
origin-0.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin-0.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/user-service.js?site=share.acorns.com
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:79c::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
5bafe0f0faddcb8e62bae7034c6a3a15fe5267c62441f287a4db98dd41151602

Request headers

Referer
https://share.acorns.com/
Origin
https://share.acorns.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Sep 2022 00:28:27 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=2545084
Connection
keep-alive
Content-Length
1883
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1964544245&t=pageview&_s=1&dl=https%3A%2F%2Fshare.acorns.com%2Fzones%2Ffriend_landing_experience_microsite%3Fextole_share_channel%3DSHARE_LINK%26extole_shareable_code%3Ddevinrexford%26cro-test%3Dtrue&ul=en-us&de=UTF-8&dt=Redeem%20your%20%245%20investment!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1528008114&gjid=550687517&cid=1883251611.1663771258&tid=UA-46142661-9&_gid=2142050551.1663771258&_r=1&gtm=2ou9j0&z=506928639
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://share.acorns.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 14:40:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://share.acorns.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1964544245&t=event&ni=1&_s=1&dl=https%3A%2F%2Fshare.acorns.com%2Fzones%2Ffriend_landing_experience_microsite%3Fextole_share_channel%3DSHARE_LINK%26extole_shareable_code%3Ddevinrexford%26cro-test%3Dtrue&ul=en-us&de=UTF-8&dt=Redeem%20your%20%245%20investment!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Optimizely&ea=%5B100%25%20to%20v1%5D%20ACRNS-145%20%5BReferral%5D%5BEveryone%5D%20Round%20Ups%20video%20in%20hero&el=v1%3A%20Video%20in%20body&_u=6EDAAUABAAAAAC~&jid=997001956&gjid=1692795859&cid=1883251611.1663771258&tid=UA-46142661-9&_gid=2142050551.1663771258&_r=1&_slc=1&z=1973047527
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://share.acorns.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 14:40:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://share.acorns.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-46142661-9&cid=1883251611.1663771258&jid=1528008114&gjid=550687517&_gid=2142050551.1663771258&_u=YEBAAUAAAAAAAC~&z=2093826061
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://share.acorns.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 21 Sep 2022 14:40:57 GMT
content-type
text/plain
access-control-allow-origin
https://share.acorns.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-46142661-9&cid=1883251611.1663771258&jid=997001956&gjid=1692795859&_gid=2142050551.1663771258&_u=6EDAAUABAAAAAC~&z=267402657
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://share.acorns.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 21 Sep 2022 14:40:57 GMT
content-type
text/plain
access-control-allow-origin
https://share.acorns.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1439577783-765cde4a270c6004cd70b69177d65ce421cd9476fbb79a48b4a3d9a06faa20e2-d.jpg
i.vimeocdn.com/video/ Frame EE43 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1439577783-765cde4a270c6004cd70b69177d65ce421cd9476fbb79a48b4a3d9a06faa20e2-d.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/714224408?h=8f5cc88fd2&badge=0&autopause=0&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb5da1b0d568d3842ecaefcca11f479bbc03ce72c2717556e4920a5f052d00ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:40:57 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
1283294
x-viewmaster-lossless-format
lossy
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
1672
viewmaster-server
viewmaster-us-central1-pb74
x-served-by
cache-dfw-kdfw8210086-DFW, cache-iad-kjyo7100081-IAD
x-timer
S1663771258.833328,VS0,VE0
etag
ccefe4cd5bc32eaf3f39fc63b3349970
access-control-max-age
86400
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 3
player.js
f.vimeocdn.com/p/4.10.1/js/ Frame EE43 		886 KB
207 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.10.1/js/player.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/714224408?h=8f5cc88fd2&badge=0&autopause=0&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8c22491872aae8cdfb88dce37ade08e14d76f1a677307deda4eb987b995a803

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:40:57 GMT
via
1.1 varnish
age
68606
x-served-by
cache-iad-kjyo7100038-IAD
vary
Accept-Encoding,x-http-method-override
x-cache
HIT
content-type
application/javascript
content-encoding
br
cache-control
max-age=1209600
accept-ranges
bytes
x-timer
S1663771258.833812,VS0,VE0
content-length
212091
x-cache-hits
8077
player.css
f.vimeocdn.com/p/4.10.1/css/ Frame EE43 		203 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.10.1/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/714224408?h=8f5cc88fd2&badge=0&autopause=0&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
367834876a24a605026df5c556f217621eaf75d1df34344227b3ab2bd2742fb2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:40:57 GMT
via
1.1 varnish
age
68606
x-served-by
cache-iad-kjyo7100038-IAD
vary
Accept-Encoding,x-http-method-override
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
content-encoding
br
cache-control
max-age=1209600
accept-ranges
bytes
x-timer
S1663771258.833814,VS0,VE0
content-length
20284
x-cache-hits
8036
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame EE43 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/714224408?h=8f5cc88fd2&badge=0&autopause=0&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:40:57 GMT
via
1.1 varnish
age
163419
x-timer
S1663771258.833801,VS0,VE0
x-served-by
cache-iad-kjyo7100038-IAD
vary
Accept-Encoding,x-http-method-override
x-cache
HIT
content-type
application/javascript
content-encoding
gzip
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
997
x-cache-hits
17739
vuid
vimeo.com/ablincoln/ Frame EE43 		0
893 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/ablincoln/vuid?pid=a0ed64776193279abc068dbfa463252fac33bbea1663771257
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:57 GMT
Via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
Vary
User-Agent
x-xss-protection
1; mode=block
X-Served-By
cache-iad-kjyo7100165-IAD, cache-yyz4552-YYZ
x-vimeo-device
d
Server
cloudflare
X-Timer
S1663771258.920548,VS0,VE54
x-frame-options
sameorigin
x-backend-proxy
webproxy3
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Wed, 21 Sep 2022 02:40:57 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
pweb-5578bf9b6b-jflkg
x-ua-compatible
IE=edge
Accept-Ranges
bytes
CF-RAY
74e38f19eddd549d-YYZ
X-Cache-Hits
0, 0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-46142661-9&cid=1883251611.1663771258&jid=1528008114&_u=YEBAAUAAAAAAAC~&z=897740755
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 14:40:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-46142661-9&cid=1883251611.1663771258&jid=1528008114&_u=YEBAAUAAAAAAAC~&z=897740755
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 14:40:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-46142661-9&cid=1883251611.1663771258&jid=997001956&_u=6EDAAUABAAAAAC~&z=665971097
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 14:40:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-46142661-9&cid=1883251611.1663771258&jid=997001956&_u=6EDAAUABAAAAAC~&z=665971097
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://share.acorns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 14:40:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ElementControl.js
origin-0.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/client/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin-0.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/client/ElementControl.js?site=share.acorns.com
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:79c::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
481ca5ceafbb1e28bbdcf955de7767dabd8af5899db82a7b02c9c7273f28d933

Request headers

Referer
https://share.acorns.com/
Origin
https://share.acorns.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Sep 2022 00:17:12 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=2545064
Connection
keep-alive
Content-Length
1059
me-shareable-service.js
origin-7.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin-7.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/client/me-shareable-service.js?site=share.acorns.com
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:7a5::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
561c068989ba5edac680fcab20db5da3dd078e279a12efb85599c49f5d8d1fad

Request headers

Referer
https://share.acorns.com/
Origin
https://share.acorns.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Sep 2022 00:15:11 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=2545047
Connection
keep-alive
Content-Length
779
api.js
origin-4.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin-4.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/api.js?site=share.acorns.com
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:588::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
661d8e245a8d6b24ac652a65b0f3d11b650ade36c1f82daaf2d85a25a532db2e

Request headers

Referer
https://share.acorns.com/
Origin
https://share.acorns.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Sep 2022 18:14:41 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=2518551
Connection
keep-alive
Content-Length
1404
player-test-impression
fresnel.vimeocdn.com/add/ Frame EE43 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.10.1/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Wed, 21 Sep 2022 14:40:58 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1439577783-765cde4a270c6004cd70b69177d65ce421cd9476fbb79a48b4a3d9a06faa20e2-d
i.vimeocdn.com/video/ Frame EE43 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1439577783-765cde4a270c6004cd70b69177d65ce421cd9476fbb79a48b4a3d9a06faa20e2-d?mw=500&mh=290
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/714224408?h=8f5cc88fd2&badge=0&autopause=0&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae12e89ba90e93294bd57a6c8f877fe2a5c9575ae975c665c56527a776426a07

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:40:58 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
1292973
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, HIT
access-control-max-age
86400
x-backend-server
varnish
content-length
21050
viewmaster-server
viewmaster-us-central1-x917
x-served-by
cache-dfw-kdfw8210086-DFW, cache-iad-kjyo7100081-IAD
x-timer
S1663771258.069046,VS0,VE1
etag
bea3f07d926abc245da653e8d46813c5
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
player-stats
fresnel.vimeocdn.com/add/ Frame EE43 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=a0ed64776193279abc068dbfa463252fac33bbea1663771257
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.10.1/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Wed, 21 Sep 2022 14:40:58 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Shareable.js
origin-7.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/client/ 		449 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://origin-7.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/client/Shareable.js?site=share.acorns.com
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:7a5::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
cad0e1df7c03b128ff1ec65565fa38c6b92ca784927e39740decea266b8407b4

Request headers

Referer
https://share.acorns.com/
Origin
https://share.acorns.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Sep 2022 00:15:11 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=2545090
Connection
keep-alive
Content-Length
237
me-shareable-service.js
origin-7.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/client/v2/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin-7.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/client/v2/me-shareable-service.js?site=share.acorns.com
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:7a5::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
432e7dbe50a00218ebf38fd8c1686aba56b3f6595a2974c40847edfcdca502cf

Request headers

Referer
https://share.acorns.com/
Origin
https://share.acorns.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Sep 2022 01:38:10 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=2545074
Connection
keep-alive
Content-Length
934
shareable-service.js
origin-5.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/client/v2/ 		521 B
629 B 		Script
General
Check archive.org
Download Go to
Full URL
https://origin-5.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/client/v2/shareable-service.js?site=share.acorns.com
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:588::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
92465534e58fd5f46087d5e8be400fd6b3b974ac2ab23a772145df098b1a7590

Request headers

Referer
https://share.acorns.com/
Origin
https://share.acorns.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Sep 2022 18:14:40 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=2518564
Connection
keep-alive
Content-Length
270
nr-spa-1216.min.js
js-agent.newrelic.com/ Frame EE43 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/714224408?h=8f5cc88fd2&badge=0&autopause=0&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
gzip
etag
"63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id
EC4WHCV41J2PG0F8
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
18216
x-amz-id-2
07T07n8uWoNfLUHQgSr5tTGsERPb5Z6DbGl+VfImB1rTQSNe/ORDeUQvbVBUscm/WNI/Ugfb4MM=
x-served-by
cache-yul12822-YUL
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1663771258.176480,VS0,VE0
date
Wed, 21 Sep 2022 14:40:58 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2994
ApiRequestBuilder.js
origin-2.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/client/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin-2.xtlo.net/type=core:clientId=1842186254:coreAssetsVersion=111/common/client/ApiRequestBuilder.js?site=share.acorns.com
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:588::10f5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Extole /
Resource Hash
b971eef4e2d12c2de4fd267b27c8c9f58cfb69d19130d6c6cbb551eaa52a3ef1

Request headers

Referer
https://share.acorns.com/
Origin
https://share.acorns.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Sep 2022 18:14:40 GMT
Server
Extole
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
no-transform, max-age=2518552
Connection
keep-alive
Content-Length
969
689d5b4562
bam.nr-data.net/1/ Frame EE43 		49 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/689d5b4562?a=2815207&v=1216.487a282&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=567&ck=1&ref=https://player.vimeo.com/video/714224408&ap=1&be=155&fe=516&dc=166&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663771257624,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:38,%22rp%22:141,%22rpe%22:142,%22dl%22:145,%22di%22:165,%22ds%22:165,%22de%22:165,%22dc%22:515,%22l%22:515,%22le%22:516%7D,%22navigation%22:%7B%7D%7D&fp=233&fcp=233&jsonp=NREUM.setToken
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/714224408?h=8f5cc88fd2&badge=0&autopause=0&player_id=0&app_id=58479
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:40:58 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
74e38f1c0a2454bb-YYZ
689d5b4562
bam.nr-data.net/events/1/ Frame EE43 		24 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/689d5b4562?a=2815207&v=1216.487a282&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=685&ck=1&ref=https://player.vimeo.com/video/714224408
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/714224408?h=8f5cc88fd2&badge=0&autopause=0&player_id=0&app_id=58479
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://player.vimeo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 21 Sep 2022 14:40:58 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://player.vimeo.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
74e38f1c8abd54bb-YYZ
Content-Length
24
token
share.acorns.com/api/v4/ 		129 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://share.acorns.com/api/v4/token
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.21.45.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-45-149.compute-1.amazonaws.com
Software
Extole /
Resource Hash
bb83e6acb17e6b57c1045d8950b048c70c4d4407108b2490bbc527194718c8e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
accept-language
en-CA,en;q=0.9
x-extole-app
javascript_sdk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Sep 2022 14:40:58 GMT
content-encoding
gzip
server
Extole
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
p3p
CP="Please see our privacy policy"
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length
128
expires
Wed, 21 Sep 2022 14:40:57 GMT
me
share.acorns.com/api/v4/ 		274 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://share.acorns.com/api/v4/me
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.21.45.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-45-149.compute-1.amazonaws.com
Software
Extole /
Resource Hash
42b6eb304bee57e0ab1100613a9a04283313cd15c723d5755a192bc5234484f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Referer
https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
accept-language
en-CA,en;q=0.9
x-extole-app
javascript_sdk
authorization
G30U9VEC3PMBNM3IS1TC0PDITJ
content-type
application/json

Response headers

date
Wed, 21 Sep 2022 14:40:58 GMT
content-encoding
gzip
server
Extole
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
p3p
CP="Please see our privacy policy"
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length
171
expires
Wed, 21 Sep 2022 14:40:57 GMT
me
share.acorns.com/api/v4/ 		274 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://share.acorns.com/api/v4/me
Requested by
Host: share.acorns.com
URL: https://share.acorns.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.21.45.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-45-149.compute-1.amazonaws.com
Software
Extole /
Resource Hash
42b6eb304bee57e0ab1100613a9a04283313cd15c723d5755a192bc5234484f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Referer
https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true
accept-language
en-CA,en;q=0.9
x-extole-app
javascript_sdk
authorization
G30U9VEC3PMBNM3IS1TC0PDITJ
content-type
application/json

Response headers

date
Wed, 21 Sep 2022 14:40:58 GMT
content-encoding
gzip
server
Extole
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
p3p
CP="Please see our privacy policy"
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length
171
expires
Wed, 21 Sep 2022 14:40:57 GMT
events
logx.optimizely.com/v1/ 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9730220283.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.5.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-5-64.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://share.acorns.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 21 Sep 2022 14:40:58 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://share.acorns.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
e8acc8be-305c-4ab4-9dc5-f14ce7a76e56
events
logx.optimizely.com/v1/ 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9730220283.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.5.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-5-64.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://share.acorns.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 21 Sep 2022 14:40:59 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://share.acorns.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
6175102d-7b64-4315-be82-c603295f3b9b

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
f.vimeocdn.com
URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| extole function| $ function| jQuery undefined| _ object| optimizely object| CROQ object| CRO_PJS object| dataLayer object| CRO_SHARED_21632880448 function| gtag function| throttle object| cta string| href object| stickyCTA object| acrnsfiftythree number| scrollDist undefined| advocateCodeEl undefined| signUpButton undefined| referralAgreementEl undefined| mainEl object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended object| gaplugins object| gaGlobal object| gaData

11 Cookies

Domain/Path Name / Value
.share.acorns.com/ Name: access_token
Value: G30U9VEC3PMBNM3IS1TC0PDITJ
.share.acorns.com/ Name: xtl_bid
Value: 7145843134577839623
.vimeo.com/ Name: __cf_bm
Value: zDeVjLzyolQtyYieGPD.kctjACfXUP_0qKGGmPObzT8-1663771257-0-AbNOlVQQm/frrtfjF4mBvuFFyyuXMbGTATrH5rtcZuaqKpUmRrHOyR/x4XbuZBl75COAy3ZBFphKnqfsOwJL9y8=
.acorns.com/ Name: optimizelyEndUserId
Value: oeu1663771257548r0.6315530889382104
.acorns.com/ Name: _ga
Value: GA1.2.1883251611.1663771258
.acorns.com/ Name: _gid
Value: GA1.2.2142050551.1663771258
.acorns.com/ Name: _gat_gtag_UA_46142661_9
Value: 1
.acorns.com/ Name: _gat_cro_metrics_tracker
Value: 1
.vimeo.com/ Name: vuid
Value: pl1057980729.267617979
.nr-data.net/ Name: JSESSIONID
Value: 10bf475247f16483
share.acorns.com/ Name: extole_access_token
Value: G30U9VEC3PMBNM3IS1TC0PDITJ

1 Console Messages

Source Level URL
Text
other warning URL: https://share.acorns.com/zones/friend_landing_experience_microsite?extole_share_channel=SHARE_LINK&extole_shareable_code=devinrexford&cro-test=true(Line 3230)
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://*.extole.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://*.extole.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a627150995.cdn.optimizely.com
bam.nr-data.net
builder-assets.unbounce.com
cdn.optimizely.com
cdnjs.cloudflare.com
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
js-agent.newrelic.com
logx.optimizely.com
origin-0.xtlo.net
origin-2.xtlo.net
origin-4.xtlo.net
origin-5.xtlo.net
origin-7.xtlo.net
origin.xtlo.net
player.vimeo.com
share.acorns.com
stats.g.doubleclick.net
vimeo.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
f.vimeocdn.com
107.21.45.149
146.75.34.109
151.101.130.137
162.159.128.61
162.247.241.14
18.165.83.40
23.5.226.225
2600:1400:d:4a3::13b8
2600:1400:d:588::10f5
2600:141b:9000:79c::10f5
2600:141b:9000:7a5::10f5
2606:4700::6811:190e
2607:f8b0:4004:c1b::9b
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80f::2008
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2003
3.212.5.64
34.120.202.204
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d9791763bcf08089691bf6321b19f3df30339f4af276753cd2e24e5381bfa9d
224412cb30f93e51adfe6832c50b9b8f05109674abb1a7618ac08da241212eed
24599e7c0fde3f48059e6d6c3b83a86d21378ce1578bba377c3e2085644288df
32c580e50f2df6739be4d12863694b740885c8aa6edbc80d87768f1af88f1005
367834876a24a605026df5c556f217621eaf75d1df34344227b3ab2bd2742fb2
42b6eb304bee57e0ab1100613a9a04283313cd15c723d5755a192bc5234484f0
432e7dbe50a00218ebf38fd8c1686aba56b3f6595a2974c40847edfcdca502cf
43a6e46ee33a64c7c17ea4c5ed55f8bb7b6bc6f492a43dbbb7106c1cc541d268
481ca5ceafbb1e28bbdcf955de7767dabd8af5899db82a7b02c9c7273f28d933
48fa2071490481acae68d289052b1b27ef7545ee34d56e9e4858a872334646fa
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
561c068989ba5edac680fcab20db5da3dd078e279a12efb85599c49f5d8d1fad
576c3368887a0022b567f3fc0f5761468adac32e62428e7ae3a1cbe314d36486
5afec0b6d87ea206e78439554fcbbcf2f489211557d33fc37643c20987a034f3
5bafe0f0faddcb8e62bae7034c6a3a15fe5267c62441f287a4db98dd41151602
661d8e245a8d6b24ac652a65b0f3d11b650ade36c1f82daaf2d85a25a532db2e
758c0a7e2c476a0d846463306fd425dab2f985c995abf8145978625c6e78aa64
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
92465534e58fd5f46087d5e8be400fd6b3b974ac2ab23a772145df098b1a7590
93a02422c2be349042d572a2817dfca086c8eeee92581ccb7aebe992fafaa472
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
ae12e89ba90e93294bd57a6c8f877fe2a5c9575ae975c665c56527a776426a07
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b971eef4e2d12c2de4fd267b27c8c9f58cfb69d19130d6c6cbb551eaa52a3ef1
bb83e6acb17e6b57c1045d8950b048c70c4d4407108b2490bbc527194718c8e6
bd933a0ee3d6e96635d1024150229f285892c448e8949ea3d161fef514782f23
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
cad0e1df7c03b128ff1ec65565fa38c6b92ca784927e39740decea266b8407b4
d79eda10add2b3ddc700f163780a2c1eeb63ce95d555f8182373e5c2bf5cac88
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
decbc84828ee4dbf9ca4e93259f7b6e19c31974e6dce36641ff22133eec64bb7
e221399e5f2c3649f0b962f9b71f484aebccd64755de07c1bf810140ea469638
e38456598e37a6013ea229f809f15522de9d78c78be65c023df5d00b97b5a7b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5367d1810033fa860d4e9280b2b73718aab46f55c2cb2a0b92f151c29817adb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8c22491872aae8cdfb88dce37ade08e14d76f1a677307deda4eb987b995a803
fb5da1b0d568d3842ecaefcca11f479bbc03ce72c2717556e4920a5f052d00ff