URL: https://bitchatnitro.com/
Submission Tags: phishingrod
Submission: On April 05 via api from DE — Scanned from NL

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 11 HTTP transactions. The main IP is 34.32.135.56, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is bitchatnitro.com.
TLS certificate: Issued by R3 on February 7th 2024. Valid for: 3 months.
This is the only time bitchatnitro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
6         34.32.135.56      396982 (GOOGLE-CL...)
1         104.16.86.20      13335 (CLOUDFLAR...)
1         2a00:1450:400...  15169 (GOOGLE)
2         2a00:1450:400...  15169 (GOOGLE)
Total: 11 requests, 5 IPs
Requests  Apex Domain         Subdomains                                       Transfer
5         bitchatnitro.com    bitchatnitro.com                                 600 KB
2         gstatic.com         fonts.gstatic.com                                39 KB
1         railway.app         bmap-api-production.up.railway.app
1         googleapis.com      fonts.googleapis.com (Cisco Umbrella Rank: 38)   1 KB
1         jsdelivr.net        cdn.jsdelivr.net (Cisco Umbrella Rank: 332)      18 KB
0         relayx.io (Failed)  one.relayx.io (Failed)
Total: 11 requests, 6 apex domains
Requests  Domain                               Requested by
5         bitchatnitro.com                     bitchatnitro.com
2         fonts.gstatic.com                    fonts.googleapis.com
1         bmap-api-production.up.railway.app   bitchatnitro.com
1         fonts.googleapis.com                 bitchatnitro.com
1         cdn.jsdelivr.net                     bitchatnitro.com
0         one.relayx.io (Failed)               bitchatnitro.com
Total: 11 requests, 6 domains

This site contains links to these domains:
  • app.handcash.io
TLS certificates

Subject                   Issuer                     Validity                  Valid for
bitchatnitro.com          R3                         2024-02-07 - 2024-05-07   3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3    2023-05-02 - 2024-05-01   a year
upload.video.google.com   GTS CA 1C3                 2024-03-04 - 2024-05-27   3 months
*.gstatic.com             GTS CA 1C3                 2024-03-04 - 2024-05-27   3 months
*.up.railway.app          R3                         2024-02-10 - 2024-05-10   3 months

This page contains 2 frames:

Primary Page: https://bitchatnitro.com/
Frame ID: 5E391E546D480CCF608FC93638FC95AD
Requests: 10 HTTP requests in this frame

Frame: https://one.relayx.io/?121
Frame ID: 4F0F6E824214288F3FD64186D7C6F109
Requests: 1 HTTP request in this frame

Screenshot

Page Title

Bitchat [NITRO]

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 11
HTTPS: 91 %
IPv6: 50 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 3
Transfer: 658 kB
Size: 2377 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type

Resource: Primary Request /
Path: bitchatnitro.com/
Size: 1 KB (x-fer 727 B)
Type: Document
General
Full URL
https://bitchatnitro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
56.135.32.34.bc.googleusercontent.com
Software
railway /
Resource Hash
e02be2e4de96fe5ebcaedfa81709726a1ad405d6b095db9d2eb2f375a7b41aad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
nl-NL,nl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-disposition
inline; filename="index.html"
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 14:12:26 GMT
etag
"554ffa2f6d4a3ec531056b01670786a4d9ab3609"
server
railway
vary
Accept-Encoding

Resource: main.d4fc90ec.js
Path: bitchatnitro.com/static/js/
Size: 2 MB (x-fer 535 KB)
Type: Script
General
Full URL
https://bitchatnitro.com/static/js/main.d4fc90ec.js
Requested by
Host: bitchatnitro.com
URL: https://bitchatnitro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
56.135.32.34.bc.googleusercontent.com
Software
railway /
Resource Hash
f9be2626c7e645e10942542b30132debd4f495e671ac4f5f992d333e0879f4b8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bitchatnitro.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 14:12:26 GMT
content-encoding
gzip
server
railway
etag
"e3158ecc3d601a3f444ee18ee17af2a58739c3a9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
content-disposition
inline; filename="main.d4fc90ec.js"
accept-ranges
bytes

Resource: main.45c9e46e.css
Path: bitchatnitro.com/static/css/
Size: 404 KB (x-fer 51 KB)
Type: Stylesheet
General
Full URL
https://bitchatnitro.com/static/css/main.45c9e46e.css
Requested by
Host: bitchatnitro.com
URL: https://bitchatnitro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
56.135.32.34.bc.googleusercontent.com
Software
railway /
Resource Hash
63e1d4aafbce413c97367222b54375a6af3264d89cd80b73e486e85a7aafb55f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bitchatnitro.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 14:12:26 GMT
content-encoding
gzip
server
railway
etag
"b6cadffe33489708657847bdc2547456eb883743"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
content-disposition
inline; filename="main.45c9e46e.css"
accept-ranges
bytes

Resource: bn.js
Path: cdn.jsdelivr.net/npm/bn.js/lib/
Size: 88 KB (x-fer 18 KB)
Type: Script
General
Full URL
https://cdn.jsdelivr.net/npm/bn.js/lib/bn.js
Requested by
Host: bitchatnitro.com
URL: https://bitchatnitro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7498cc7830ca21d862be33570436e1632596d8b397c8e83ee7f6dbdec168892c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bitchatnitro.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 14:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
5.2.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220064-FRA, cache-lga21945-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"1613d-HsAxH1cmTjcSHOn4crTvY/22i8A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHlfNTQTi1cnv5UGPr%2Fyl2UA%2BvcJjZ54MoAnll4fmOvDiNCpHAUSHwusibqnNT21gYN9W%2Fcy2HP8NlTF7t8Qu5be360m54BMb4x4e1hlg6JBIdOCeCc7xoR8z5cq%2Bh9jcEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
86fa220fedbe06d8-AMS

Resource: css2
Path: fonts.googleapis.com/
Size: 9 KB (x-fer 1 KB)
Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500;600;700&display=swap
Requested by
Host: bitchatnitro.com
URL: https://bitchatnitro.com/static/css/main.45c9e46e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7dd54f114de295c5af8a7670e4baf298683f7c9937ac1b9f74a5d6cdef0660a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bitchatnitro.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Apr 2024 14:12:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Apr 2024 13:10:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Apr 2024 14:12:26 GMT

Resource: relayone.js
Path: bitchatnitro.com/js/
Size: 21 KB (x-fer 7 KB)
Type: Script
General
Full URL
https://bitchatnitro.com/js/relayone.js
Requested by
Host: bitchatnitro.com
URL: https://bitchatnitro.com/static/js/main.d4fc90ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
56.135.32.34.bc.googleusercontent.com
Software
railway /
Resource Hash
7dbbfe7ae56176f7396596a4be9756208bbafb3bae2854d0002c93584a4390da

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bitchatnitro.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 14:12:27 GMT
content-encoding
gzip
server
railway
etag
"f53d4248617cbf64d099b2a1d8180103c955478f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
content-disposition
inline; filename="relayone.js"
accept-ranges
bytes

Resource: zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
Path: fonts.gstatic.com/s/ibmplexsans/v19/
Size: 20 KB (x-fer 20 KB)
Type: Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://bitchatnitro.com
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 02:39:10 GMT
x-content-type-options
nosniff
age
300797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20064
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:58:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 02:39:10 GMT

Resource: zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Path: fonts.gstatic.com/s/ibmplexsans/v19/
Size: 19 KB (x-fer 19 KB)
Type: Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://bitchatnitro.com
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 13:27:13 GMT
x-content-type-options
nosniff
age
521114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19156
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:04:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 13:27:13 GMT

Resource: notify.mp3
Path: bitchatnitro.com/audio/
Size: 6 KB (x-fer 7 KB)
Type: Media
General
Full URL
https://bitchatnitro.com/audio/notify.mp3
Requested by
Host: bitchatnitro.com
URL: https://bitchatnitro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
56.135.32.34.bc.googleusercontent.com
Software
railway /
Resource Hash
a75d2a8a4e6e513cece693703c994c05be066260b089a2d60daf2629026403ee

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://bitchatnitro.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 14:12:27 GMT
server
railway
etag
"26b53db0e30b03135aa483f18293933f9db491aa"
content-type
audio/mpeg
Content-Range
bytes 0-6612/6613
content-disposition
inline; filename="notify.mp3"
accept-ranges
bytes
Content-Length
6613

Resource: eyJ2IjozLCJxIjp7ImZpbmQiOnt9fX0=
Path: bmap-api-production.up.railway.app/s/$all/
Size: 33 B (x-fer 0)
Type: EventSource
General
Full URL
https://bmap-api-production.up.railway.app/s/$all/eyJ2IjozLCJxIjp7ImZpbmQiOnt9fX0=
Requested by
Host: bitchatnitro.com
URL: https://bitchatnitro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
56.135.32.34.bc.googleusercontent.com
Software
railway / Express
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/event-stream
Cache-Control
no-cache
Referer
https://bitchatnitro.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Fri, 05 Apr 2024 14:12:27 GMT
cache-control
no-cache
server
railway
x-powered-by
Express
x-accel-buffering
no
content-type
text/event-stream

Resource: /
Path: one.relayx.io/ (Frame 4F0F)
Size: 0 (x-fer 0)
Type: (no response)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
one.relayx.io
URL
https://one.relayx.io/?121

Verdicts & Comments

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • 0 (object)
  • BN (function)
  • _ (function)
  • _bsv (string)
  • Buffer (function)
  • _RELAY_ONE_STATE (object)
  • relayone (object)
  • parcelRequire (function)

0 Cookies