saveamerica.nucleusemail.com

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 5 HTTP transactions. The main IP is 172.67.212.39, located in United States and belongs to CLOUDFLARENET, US. The main domain is saveamerica.nucleusemail.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 20th 2021. Valid for: a year.

This is the only time saveamerica.nucleusemail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.67.212.39 172.67.212.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
1	104.18.147.68 104.18.147.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
5	4

1 172.67.212.39 (United States)

ASN13335 (CLOUDFLARENET, US)

saveamerica.nucleusemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.147.68 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.donaldjtrump.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	gstatic.com fonts.gstatic.com	63 KB
1	donaldjtrump.com cdn.donaldjtrump.com	22 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	nucleusemail.com saveamerica.nucleusemail.com	7 KB
5	4

	Domain	Requested by
2	fonts.gstatic.com	fonts.googleapis.com
1	cdn.donaldjtrump.com	saveamerica.nucleusemail.com
1	fonts.googleapis.com	saveamerica.nucleusemail.com
1	saveamerica.nucleusemail.com
5	4

This site contains links to these domains. Also see Links.

Domain
secure.winred.com
www.donaldjtrump.com
www.campaignnucleus.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-20` - `2022-03-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://saveamerica.nucleusemail.com/amplify/v/c92EbGMFnA
Frame ID: A2C995B72A933B1814A355D246F536DC
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

93 kB
Transfer

114 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.winred.com/save-america-joint-fundraising-committee/save-america-donate-hf/?amount=50&utm_medium=email_hf&utm_source=mc_na_na&utm_campaign=20210801_statement-email_donaldjtrump_saveamerica&utm_content=donate_cpyrs_na&_nlid=FHtkbXrTYy&_nsid=%recipient.send_uuid%
Title: DONATE TO SAVE AMERICA

Search URL Search Domain Scan URL

URL: https://www.donaldjtrump.com/?utm_medium=email&utm_source=ncl_amplify&utm_campaign=20211003-letter_to_the_pulitzer_prizes&utm_content=ncl-9GBCXHfwnY&_nlid=9GBCXHfwnY&_nsid=%recipient.send_uuid%
Title: donaldjtrump.com

Search URL Search Domain Scan URL

URL: https://www.campaignnucleus.com/forms/press-list?utm_medium=email&utm_source=ncl_amplify&utm_campaign=20211003-letter_to_the_pulitzer_prizes&utm_content=ncl-4DDZ7vAu2X&_nlid=4DDZ7vAu2X&_nsid=%recipient.send_uuid%
Title: here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request c92EbGMFnA Show response
saveamerica.nucleusemail.com/amplify/v/ 25 KB
7 KB 320ms
270ms Document
text/html 172.67.212.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://saveamerica.nucleusemail.com/amplify/v/c92EbGMFnA

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

172.67.212.39 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9b5eaa594aa948583758b74af7e9674c0727d7d5c20d41c6b518c953017a96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 29 Oct 2021 17:15:12 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5pUj2bIu4vkYSSdCr00gYHdhd4XM1pYaWCzvvxaFsq266lpvbObpuaGcpCM5aC6gVnOU%2Fvr6lRgfiFwUdyr7rs4ZjqyUf5bX2LAJPU8eKkv2EKrBbTLAEfdrUHHZNRRNuDLav6nl8gjU585r2P8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a5e0b6b88582778-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 40ms
17ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Requested by

Host: saveamerica.nucleusemail.com
URL: https://saveamerica.nucleusemail.com/amplify/v/c92EbGMFnA

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

9769961274520466f30da2f63030d5adbaaabfcdfba561471df48ec282d30ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveamerica.nucleusemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 15:22:13 GMT
server: ESF
date: Fri, 29 Oct 2021 17:15:12 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Fri, 29 Oct 2021 17:15:12 GMT

GET
H2 200 SaveAmericaPAC_Logo_RGB.jpg
cdn.donaldjtrump.com/_logos/ 21 KB
22 KB 323ms
282ms Image
image/webp 104.18.147.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.donaldjtrump.com/_logos/SaveAmericaPAC_Logo_RGB.jpg
Requested by: Host: saveamerica.nucleusemail.com
URL: https://saveamerica.nucleusemail.com/amplify/v/c92EbGMFnA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.147.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da075269ccb2cb1f5423868a92b2dfcb078213cbb89ea75a4aacf5aed7a2bead

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveamerica.nucleusemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 17:15:13 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: VJVQEHFMZR71GJKT
cf-polished: origFmt=jpeg, origSize=71086
last-modified: Sun, 25 Apr 2021 01:07:53 GMT
content-disposition: inline; filename="SaveAmericaPAC_Logo_RGB.webp"
content-length: 21466
x-amz-id-2: k4+ZdU8mdCrtrZM/lgOhJh9X7c4un5vItFBkuu+RHYrWC5m/ozTajkGPuYombqR+hY09lQZkrRM=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0f6d448b1cb7525a4a96459b9b6f04a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 6a5e0b6ddefaf9da-PRG
expires: Mon, 29 Nov 2021 17:15:13 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 28 KB
28 KB 70ms
33ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saveamerica.nucleusemail.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:57:27 GMT
x-content-type-options: nosniff
age: 256665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28968
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Oct 2022 17:57:27 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 33 KB
34 KB 37ms
14ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saveamerica.nucleusemail.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 01:35:32 GMT
x-content-type-options: nosniff
age: 56380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34260
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 01:35:32 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
saveamerica.nucleusemail.com/	1970-01-19 22:18:54	Name: XSRF-TOKEN Value: eyJpdiI6IlBwa2ZVNDM3MEw0aCtvMERXYVo0bkE9PSIsInZhbHVlIjoiUklRa285UUdlam9jT0xJQTljVlpWaGlpUTVkK3J0TG1WbEJDTjlZaVRML3lsSWNSUXZNd3VGR3Y2Qnhqem90Zk45ZXZVaFVLa3FuelNyT3BKQ3hRL0d5YlJkdEtRa0o3UkFlMWlBUDBWMm0yMkI1TUtCMEQ4RWF6a0ZuV0NsUXkiLCJtYWMiOiJkYWJmODhmMzg5N2I1NzU3Y2IzMTZiOTlkMmE0YmJhMjQzOGZjZTE0Y2Q5YTU0ZjBkYWI2MDQzYTYwNTU5ZWIyIiwidGFnIjoiIn0%3D
saveamerica.nucleusemail.com/	1970-01-19 22:18:54	Name: nsession Value: eyJpdiI6Ii9LakEzUFd2VDNMY1BQcWgvejRkcEE9PSIsInZhbHVlIjoiWTRtbmJmL1JrN2RiT2VnMHJJenRyR2czUlBsTHIyeXN0YXZMRVBKUityK2liVlZzYVU4OGhJZGpUelQ5Ri9saVVXd1lRUFJFbElLeUgwZnlJN1dTbUc1dDZyNkozY3BmRnZWR2xDbG5pZHo4dGdoL3h6a2VYY3NBbG5Wbmd6R2YiLCJtYWMiOiI2ZWU0MTg4YmY2MWE4ZjAzODA2ODBkYTZhMmNhMzRiZTcxYTU2MGIxY2RmYTZlOGVlZjFkMWM4NGE0MGVhNGFkIiwidGFnIjoiIn0%3D
saveamerica.nucleusemail.com/	1970-01-19 22:18:54	Name: OIiSvFof61I5hTCGTyrDIYUQvVfemqlY0UY5Cn8i Value: eyJpdiI6Ik9LR3Q5TGF4bE9zdmVrVXFrQ2xEaVE9PSIsInZhbHVlIjoiMlprL01EdmNISTVtYXZQWS8wR3B0UXJ6bzdSUUFJV3BzRWVqQmw0Z3FsZjl6RkI5TGFYaHJlckN1bXBleWNxRDRZMUM2UCtuWER2OWRKaHlZaE80TUdURkRTQ1ZaMk8yMzlsU3VQK1MxdDM0WkZJYmVRc1FxUndTREo4OWxhYXpESGxRVWp3cnN3RjA0cHltZGZEcjl4Z1VlTjZzUWlEM2tBSEl3Z0x0MFpIWlo2cnhWem1yMXF6WTFiZHppQkVvNjdxcy84OWtJOXc4QitIZzFBTHcvTzhQYmZ5dFp2ZTVhUloySUt1ODUySUVybTBidmw3RDBRUWNSeFJUaHhpUkRDWFMvRVlFa1piT1JEUXJXZ01wVm9iK1NBaUU3bWFoWld3RnB3OE1tNzlHTzJtNm9FRzBtWG1kUWVlWnJrcUd4OWp0bTcweHpCQmFGOWtwVlQxeHNpc1pRN3pLWFhod2diWmx1c1VKeW5JUXV3RzN5Y0JMb0hjdFpZdDRjUjE3aEVzUldpc1BuL0c3YVVNWmhlN2lROWcyeGtzWjNSOTZLcGdIaUtxY0N0OD0iLCJtYWMiOiJhYjc3MWE4MjU0ZDVkYzhiZWI4MDQ5OGQwYzYxZGYzMzJmYWQwNzc0NjUzM2YzZDQ0N2Q3MTFjOWI1Mjk4ODRlIiwidGFnIjoiIn0%3D
.donaldjtrump.com/	1970-01-19 22:18:49	Name: __cf_bm Value: 0gpmUcZHDxdCUGHva4tXtnmfLk1JI7eNeKduHsYz3Ug-1635527713-0-AVKdFHfT/isEv4/J19YuTdoFGwB1T4eSVMnuG9F0IkFa/V/b1y3t5DE30AhIsVSB4M3/jQRveQqr3u+wNef2i9Q=
.donaldjtrump.com/	1969-12-31 23:59:59	Name: __cfruid Value: 490f8b52a5d5ea9a599ed9479e567b0d563da95a-1635527713

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.donaldjtrump.com
fonts.googleapis.com
fonts.gstatic.com
saveamerica.nucleusemail.com
104.18.147.68
142.250.185.131
142.250.186.138
172.67.212.39
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
9769961274520466f30da2f63030d5adbaaabfcdfba561471df48ec282d30ef3
d9b5eaa594aa948583758b74af7e9674c0727d7d5c20d41c6b518c953017a96b
da075269ccb2cb1f5423868a92b2dfcb078213cbb89ea75a4aacf5aed7a2bead

saveamerica.nucleusemail.com Open in urlscan Pro 172.67.212.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

93 kBTransfer

114 kBSize

5 Cookies

3 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

saveamerica.nucleusemail.com Open in urlscan Pro
172.67.212.39 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

93 kB
Transfer

114 kB
Size

5
Cookies

5 HTTP transactions
0 data transactions