www.line-me-skyminsh-ks.cn Open in urlscan Pro
202.168.149.123  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set vbss-h5c Show response www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/	3 KB 1 KB	1155ms 227ms	Document text/html	202.168.149.123 VTL-AS-AP Vanta T...
General Check archive.org Show headers Download Go to Full URL https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 202.168.149.123 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 026ffd1a8ec6d99798569753a4f4e68af8f43d5e996a7e89a5095ed2236f2eb4 Request headers Host www.line-me-skyminsh-ks.cn Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Cache-Control private Content-Type text/html; charset=utf-8 Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/8.5 Set-Cookie ASP.NET_SessionId=yx3tdnnrer3kke4pn410kjh0; path=/; HttpOnly X-AspNetMvc-Version 4.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Date Tue, 25 Sep 2018 03:43:33 GMT Content-Length 1148
GET H/1.1	200 OK	normalize.css www.line-me-skyminsh-ks.cn/Static/css/	9 KB 3 KB	250ms 249ms	Stylesheet text/css	202.168.149.123 VTL-AS-AP Vanta T...
General Check archive.org Show headers Download Go to Full URL https://www.line-me-skyminsh-ks.cn/Static/css/normalize.css Requested by Host: www.line-me-skyminsh-ks.cn URL: https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 202.168.149.123 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash fefe1871a83ead7d98a00c4856096c933c0a64883900da21a0317b2a427537fd Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.line-me-skyminsh-ks.cn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Cookie ASP.NET_SessionId=yx3tdnnrer3kke4pn410kjh0 Connection keep-alive Cache-Control no-cache Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 25 Sep 2018 03:43:34 GMT Content-Encoding gzip Last-Modified Sun, 16 Sep 2018 17:12:30 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "1158f73e04dd41:0" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 3084
GET H/1.1	200 OK	swiper.min.css www.line-me-skyminsh-ks.cn/Static/css/	19 KB 4 KB	473ms 241ms	Stylesheet text/css	202.168.149.123 VTL-AS-AP Vanta T...
General Check archive.org Show headers Download Go to Full URL https://www.line-me-skyminsh-ks.cn/Static/css/swiper.min.css Requested by Host: www.line-me-skyminsh-ks.cn URL: https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 202.168.149.123 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash fcc52c6f1315aa55dbc6d62c55437b49cadbabc1dde54a7e067b599764ee30b4 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.line-me-skyminsh-ks.cn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Cookie ASP.NET_SessionId=yx3tdnnrer3kke4pn410kjh0 Connection keep-alive Cache-Control no-cache Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 25 Sep 2018 03:43:34 GMT Content-Encoding gzip Last-Modified Sun, 16 Sep 2018 17:12:30 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "2629873e04dd41:0" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 4017
GET H/1.1	200 OK	style.css www.line-me-skyminsh-ks.cn/Static/css/	4 KB 1 KB	497ms 247ms	Stylesheet text/css	202.168.149.123 VTL-AS-AP Vanta T...
General Check archive.org Show headers Download Go to Full URL https://www.line-me-skyminsh-ks.cn/Static/css/style.css Requested by Host: www.line-me-skyminsh-ks.cn URL: https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 202.168.149.123 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 43a350d405343afca68ac4fda7a3a82d2eb977c7449814816ab004020313aa33 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.line-me-skyminsh-ks.cn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Cookie ASP.NET_SessionId=yx3tdnnrer3kke4pn410kjh0 Connection keep-alive Cache-Control no-cache Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 25 Sep 2018 03:43:34 GMT Content-Encoding gzip Last-Modified Sun, 16 Sep 2018 17:12:30 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "7e99073e04dd41:0" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 1201
GET H/1.1	200 OK	image01.jpg www.line-me-skyminsh-ks.cn/Static/images/	18 KB 18 KB	983ms 507ms	Image image/jpeg	202.168.149.123 VTL-AS-AP Vanta T...
General Check archive.org Show headers Download Go to Show image Full URL https://www.line-me-skyminsh-ks.cn/Static/images/image01.jpg Requested by Host: www.line-me-skyminsh-ks.cn URL: https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 202.168.149.123 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash a923191133a02286fd61e675ac601bfcf3576f6f38ec1d165c376da69b953692 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.line-me-skyminsh-ks.cn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Cookie ASP.NET_SessionId=yx3tdnnrer3kke4pn410kjh0 Connection keep-alive Cache-Control no-cache Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 25 Sep 2018 03:43:34 GMT Last-Modified Wed, 15 Aug 2018 06:47:51 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "6b5f8e26334d41:0" Content-Type image/jpeg Accept-Ranges bytes Content-Length 17985
GET H/1.1	200 OK	jquery.min.js Show response www.line-me-skyminsh-ks.cn/Static/js/	85 KB 38 KB	1020ms 552ms	Script application/javascript	202.168.149.123 VTL-AS-AP Vanta T...
General Check archive.org Show headers Download Go to Full URL https://www.line-me-skyminsh-ks.cn/Static/js/jquery.min.js Requested by Host: www.line-me-skyminsh-ks.cn URL: https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 202.168.149.123 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.line-me-skyminsh-ks.cn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept */* Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Cookie ASP.NET_SessionId=yx3tdnnrer3kke4pn410kjh0 Connection keep-alive Cache-Control no-cache Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 25 Sep 2018 03:43:34 GMT Content-Encoding gzip Last-Modified Sun, 16 Sep 2018 17:12:34 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "4e5aaf75e04dd41:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 38743
GET H/1.1	200 OK	swiper.min.js Show response www.line-me-skyminsh-ks.cn/Static/js/	118 KB 40 KB	1027ms 555ms	Script application/javascript	202.168.149.123 VTL-AS-AP Vanta T...
General Check archive.org Show headers Download Go to Full URL https://www.line-me-skyminsh-ks.cn/Static/js/swiper.min.js Requested by Host: www.line-me-skyminsh-ks.cn URL: https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 202.168.149.123 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 34200a216f42b734a9723a5367645bb517c31e036b42e2bf6a480c62880fc12c Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.line-me-skyminsh-ks.cn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept */* Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Cookie ASP.NET_SessionId=yx3tdnnrer3kke4pn410kjh0 Connection keep-alive Cache-Control no-cache Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 25 Sep 2018 03:43:34 GMT Content-Encoding gzip Last-Modified Sun, 16 Sep 2018 17:12:34 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "d1f5b875e04dd41:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 40910
GET H/1.1	200 OK	banner.aspx Show response web.chat4support.com/weboperator/Operator/	970 B 1 KB	748ms 108ms	Script text/html	206.222.9.37 eNET Inc.
General Check archive.org Show headers Download Go to Full URL https://web.chat4support.com/weboperator/Operator/banner.aspx?sid=29242 Requested by Host: www.line-me-skyminsh-ks.cn URL: https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c Protocol HTTP/1.1 Security TLS 1.0, ECDHE_RSA, AES_256_CBC Server 206.222.9.37 Columbus, United States, ASN10297 (ENET-2 - eNET Inc., US), Reverse DNS 25.9.de.static.xlhost.com Software Microsoft-IIS/7.5 / ASP.NET Resource Hash b2687519fb85a19156f05c47696d7b05397ea1c5f7fd19c2e63912478c47cdec Request headers Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 25 Sep 2018 03:43:32 GMT Server Microsoft-IIS/7.5 X-AspNet-Version 2.0.50727 X-Powered-By ASP.NET P3P CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" Cache-Control private Content-Type text/html; charset=utf-8 Content-Length 970
GET H/1.1	200 OK	banner.js Show response web.chat4support.com/weboperator/operator/js/	52 KB 9 KB	104ms 103ms	Script application/x-javascript	206.222.9.37 eNET Inc.
General Check archive.org Show headers Download Go to Full URL https://web.chat4support.com/weboperator/operator/js/banner.js Requested by Host: web.chat4support.com URL: https://web.chat4support.com/weboperator/Operator/banner.aspx?sid=29242 Protocol HTTP/1.1 Security TLS 1.0, ECDHE_RSA, AES_256_CBC Server 206.222.9.37 Columbus, United States, ASN10297 (ENET-2 - eNET Inc., US), Reverse DNS 25.9.de.static.xlhost.com Software Microsoft-IIS/7.5 / ASP.NET Resource Hash c736eabcdadc2093a371e6eca74e49671352a39d417f8d0e29fe4a973d158e2c Request headers Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Tue, 25 Sep 2018 03:43:34 GMT Content-Encoding gzip Last-Modified Tue, 18 Jul 2017 03:15:15 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "80632a1374ffd21:0" Vary Accept-Encoding Content-Type application/x-javascript Accept-Ranges bytes Content-Length 9049
GET H/1.1	200 OK	visit.asp Show response srv.chat4support.com/	374 B 574 B	1016ms 401ms	Script text/html	206.222.9.34 eNET Inc.
General Check archive.org Show headers Download Go to Full URL https://srv.chat4support.com/visit.asp?sid=29242&sTag=181402999&cancel=0&style=0&online=1&urlreferer=&timezone=0&screensize=1600x1200&screencolor=24&pagetitle=%25u591A%25u5F69%25u306A%25u30B9%25u30BF%25u30F3%25u30D7%25u3068%25u7740%25u305B%25u304B%25u3048%25u30C7%25u30B6%25u30A4%25u30F3%25u3067&url=https%253A//www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c&time=03:43:35&mode=0& Requested by Host: web.chat4support.com URL: https://web.chat4support.com/weboperator/operator/js/banner.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 206.222.9.34 Columbus, United States, ASN10297 (ENET-2 - eNET Inc., US), Reverse DNS 22.9.de.static.xlhost.com Software Chat4Support / Resource Hash 531c503a592bcebbf1bdc25cefef01e7302ec89e350c3741052d8ad69749e89f Request headers Referer https://www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom/vbss-h5c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Cache-control no-cache Content-Type text/html Server Chat4Support Content-Encoding gzip Content-Length 260 P3P CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Line (Online)

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Swiper string| _C4imgOn string| _C4imgOff string| _C4imgTop string| _C4imgMid string| _C4imgBottom number| _C4sid string| _C4sTag number| _C4style number| _C4online number| _C4nFloat number| _C4nInvite number| _C4nMode number| _C4nPos number| _C4nPosX number| _C4nPosY string| _C4HomePage string| _C4srvURL string| _C4webSrvUrl string| _C4Custom string| _C4SiteName string| _C4Language number| _C4ChatList string| _C4wid string| _C4v2cname string| _C4vCallUrl string| _C4ServiceTitle string| _C4ServiceContact string| _C4ServiceMessage number| _C4RefreshSecound number| _C4RefreshTry number| _C4RefreshDelay function| UrlDecode function| _C4initServiceLang function| closebtn function| HideBtnClose function| _C4helpDlg function| _C4InitInvite boolean| _C4Obj boolean| _C4IsDrag undefined| _C4DiffY undefined| _C4DiffX undefined| _C4DragObj function| _C4moveMouse function| _C4initDrag number| C4lastHScrollX number| C4lastHScrollY function| _C4InitHelp function| myBrowser number| C4lastScrollX number| C4lastScrollY function| _C4midPosition string| _C4oImg string| _C4img boolean| _C4Online string| _C4msg string| _C4operId string| _C4operName string| _C4Welcome number| _C4bCancel string| _C4vId boolean| _C4visited string| _C4vCountry string| _C4vCity string| _C4vOS string| _C4vBrowser string| _C4vKeyword boolean| _C4vKeywordMatch object| _C4newWindow object| _C4DeptList object| _C4OperList number| _C4isDemo function| _C4imgSrc function| _C4chat function| _C4cancelinvite function| _C4getTime number| _C4isUpdate function| _C4checkSite function| _C4update function| _C4initServiceList function| _C4chatDept function| _C4SortOperList function| _C4existDept function| _C4onlineDept function| _C4PutScript function| _C4initInviteLang function| C4S_GetVisitPage function| C4S_GetColor function| C4S_GetPageTitle function| C4S_GetReferrer function| C4S_GetTimeZone function| C4S_GetCookie function| C4S_getCookieVal function| C4S_GetVid function| C4S_SetCookie

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.line-me-skyminsh-ks.cn/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: yx3tdnnrer3kke4pn410kjh0
			www.line-me-skyminsh-ks.cn/Default/entry/sign/cvrtxs@gbSO93hid/Hfrom	1970-01-19 03:56:23	Name: _C4vId Value: CA7941XY821K3YIF19K0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

srv.chat4support.com
web.chat4support.com
www.line-me-skyminsh-ks.cn
202.168.149.123
206.222.9.34
206.222.9.37
026ffd1a8ec6d99798569753a4f4e68af8f43d5e996a7e89a5095ed2236f2eb4
34200a216f42b734a9723a5367645bb517c31e036b42e2bf6a480c62880fc12c
43a350d405343afca68ac4fda7a3a82d2eb977c7449814816ab004020313aa33
531c503a592bcebbf1bdc25cefef01e7302ec89e350c3741052d8ad69749e89f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
a923191133a02286fd61e675ac601bfcf3576f6f38ec1d165c376da69b953692
b2687519fb85a19156f05c47696d7b05397ea1c5f7fd19c2e63912478c47cdec
c736eabcdadc2093a371e6eca74e49671352a39d417f8d0e29fe4a973d158e2c
fcc52c6f1315aa55dbc6d62c55437b49cadbabc1dde54a7e067b599764ee30b4
fefe1871a83ead7d98a00c4856096c933c0a64883900da21a0317b2a427537fd