Fake / Counterfeit Michael Kors Website Tracking

1. Below please find notes detailing a counterfeit ring peddling fake Michael Kors products via SPAM e-mail. These scammers use a standard template and use services from Global Frag Networks and Yesup Ecommerce Solutions Inc. to facilitate their criminal enterprise.
2.  
3. The subjects used in their e-mails normally look something like this:
4. - Michael Kors on Sale - Up to 80% off Online.
5. - Discount Michael Kors Handbags Online, Up To 85% OFF!
6. - Up to 85% Off Michael Kors Bags & Wallet Sale Season Off Clearance. Free Shipping
7.  
8. 20191103
9. SPAM Domain: isuniao.com
10. SPAM IP: 107.179.67.226
11. SPAM IP Tracking: https://www.abuseipdb.com/check/107.179.67.226
12. SPAM ISP: Bill Van / Global Frag Networks
13. Counterfeit website: https://mks.qxmks.com/
14. Conterfeit domain registrar: NameSilo, LLC
15. Counterfeit website IP: 104.28.25.44
16. Counterfeit Hosting Provider: Hides Behind Cloudflare
17.  
18. 20191022
19. SPAM Domain: cpw353.com
20. SPAM IP: 104.223.202.202
21. SPAM IP Tracking: https://www.abuseipdb.com/check/104.223.202.202
22. SPAM ISP: Bill Van / Global Frag Networks
23. Counterfeit website: https://mks.zimks.com/
24. Conterfeit domain registrar: NameSilo, LLC
25. Counterfeit website IP: 104.27.141.58
26. Counterfeit Hosting Provider: Hides Behind Cloudflare
27.  
28. 20190909
29. SPAM Domain: 23.228.90.107
30. SPAM IP: 43.227.113.71
31. SPAM IP Tracking: https://www.abuseipdb.com/check/23.228.90.107
32. SPAM ISP: Bill Van / Global Frag Networks
33. Counterfeit website: https://mks.vbmks.com/
34. Conterfeit domain registrar: NameSilo, LLC
35. Counterfeit website IP: 104.31.70.131
36. Counterfeit Hosting Provider: Hides Behind Cloudflare
37.  
38. 20190907
39. SPAM Domain: maiaiche.com
40. SPAM IP: 43.227.113.71
41. SPAM IP Tracking: https://www.abuseipdb.com/check/43.227.113.71
42. SPAM ISP: Flat B 6/F. Kam Fai Building
43. Counterfeit website: https://mks.vgmks.com/
44. Conterfeit domain registrar: NameSilo, LLC
45. Counterfeit website IP: 104.28.9.157
46. Counterfeit Hosting Provider: Hides Behind Cloudflare
47.  
48. 20190817
49. SPAM Domain: heimaico.com
50. SPAM IP: 23.228.90.106
51. SPAM IP Tracking: https://www.abuseipdb.com/check/23.228.90.106
52. SPAM ISP: Spiderly / Global Frag Networks
53. Counterfeit website: https://mks.wvmks.com/
54. Conterfeit domain registrar: NameSilo, LLC
55. Counterfeit website IP: 104.148.87.114
56. Counterfeit Hosting Provider: Bill Van / Global Frag Networks
57.  
58. 20190729
59. SPAM Domain: 1wwe.com
60. SPAM IP: 23.228.82.2
61. SPAM IP Tracking: https://www.abuseipdb.com/check/23.228.82.2
62. SPAM ISP: Spiderly / Global Frag Networks
63. Counterfeit website: https://mks.vemks.com/
64. Conterfeit domain registrar: NameSilo, LLC
65. Counterfeit website IP: 104.31.82.205
66. Counterfeit Hosting Provider: Hides Behind Cloudflare
67.  
68. 20190714
69. SPAM Domain: a0058.com
70. SPAM IP: 134.73.166.194
71. SPAM IP Tracking: https://www.abuseipdb.com/check/23.247.114.20
72. SPAM ISP: Spiderly / Global Frag Networks
73. Counterfeit website: https://mks.a0058.com/
74. Counterfeit website IP: 198.144.157.212
75. Counterfeit Hosting Provider: Yesup Ecommerce Solutions Inc.
76.  
77. 20190628
78. SPAM Domain: cpw272.com
79. SPAM IP: 23.247.114.20
80. SPAM IP Tracking: https://www.abuseipdb.com/check/23.247.114.20
81. SPAM ISP: Spiderly / Global Frag Networks
82. Counterfeit website: https://mks.cpw272.com/
83. Counterfeit website IP: 198.144.157.217
84. Counterfeit Hosting Provider: Yesup Ecommerce Solutions Inc.
85.  
86. 20190612
87. SPAM Domain: hcieqp.com
88. SPAM IP: 134.73.30.162
89. SPAM IP Tracking: https://www.abuseipdb.com/check/134.73.30.162
90. SPAM ISP: Global Frag Networks
91. Counterfeit website: https://mks.hcieqp.com/
92. Counterfeit website IP: 198.144.157.213
93. Counterfeit Hosting Provider: Yesup Ecommerce Solutions Inc.
94.  
95. 20190512
96. SPAM Domain: 103563.com
97. SPAM IP: 23.247.114.18
98. SPAM IP Tracking: https://www.abuseipdb.com/check/23.247.114.18
99. SPAM ISP: Spiderly Ltd / Global Frag Networks
100. Counterfeit website: https://mks.103563.com/
101. Counterfeit Hosting Provider: Yesup Ecommerce Solutions Inc.
102.  
103. 20190322
104. SPAM Domain: hdx222.com
105. SPAM IP: 134.73.166.224
106. SPAM ISP: EliDC / Colo Crossing
107. Counterfeit website: https://mks.hdx222.com/
108. Counterfeit Hosting Provider: Yesup Ecommerce Solutions Inc.
109.  
110. 20181123
111. SPAM Domain: hmpay.cc
112. SPAM IP: 198.58.119.19
113. SPAM ISP: Linode LLC
114. Counterfeit website: http://znfl.hmpay.cc/mtad/tl.php?p=UNIQUE_TEXT_STRING_HERE
115. Counterfeit Hosting Provider: AliCloud
116.  
117. 20181122
118. SPAM Domain: zmlyg.com
119. SPAM IP: 104.148.126.250
120. SPAM ISP: Global Frag Networks
121. Counterfeit website: https://jup.zmlyg.com/
122. Counterfeit Hosting Provider: Yesup Ecommerce Solutions Inc.
123.  
124. 20180729
125. SPAM Domain: 91053.net
126. SPAM IP: 212.83.178.134
127. Counterfeit website: http://91053.net/oem/tl.php?p=UNIQUE_TEXT_STRING_HERE
128.  
129. 20180518
130. SPAM Domain: mkcosier.top
131. SPAM IP: 114.67.72.160
132. Counterfeit website: http://iereiex.top/mkipop
133.  
134. 20180503
135. SPAM Domain: aidcu.top
136. SPAM IP: 116.196.64.105
137. Counterfeit website: http://www.aidhu.top/l.php?UNIQUE_TEXT_STRING_HERE
138.  
139. 20180503
140. SPAM Domain: amazons7.top
141. SPAM IP: 125.94.44.60
142. Counterfeit website: http://www.4v33t.top
143.  
144. 20180420
145. SPAM Domain: pckww.com
146. SPAM IP: 1166.48.179.71
147. Counterfeit website: http://mk.pckww.com
148.  
149. 20180406
150. SPAM Domain: pcrww.com
151. SPAM IP: 166.48.179.195
152. Counterfeit website: http://mk.pcrww.com
153.  
154. 20180324
155. SPAM Domain: pbrww.com
156. SPAM IP: 62.210.61.195
157. Counterfeit website: http://mk.pbrww.com
158.  
159. 20180324
160. SPAM Domain: pbpww.com
161. SPAM IP: 103.215.213.65
162. Counterfeit website: http://mk.pbpww.com