Quote:
Taxpayer ID: myname-bunchofnumbersUS
Tax Type: INCOME TAX
Issue: Unreported/Underreported Income (Fraud Application)
Please review your tax statement on Internal Revenue Service (IRS) website (click on the link below):
review tax statement for taxpayer id: myname-bunchofnumbersUS
Internal Revenue Service
The phish domain it links to, hyg12zk.eu, has already been shut down.
But who.is has record of its IP address, 84.126.93.168.
Searching for other domains sharing the same address, I find
Quote:
gshipagc.com A 84.126.93.168
168.93.126.84.in-addr.arpa PTR 84.126.93.168.dyn.user.ono.com
02fgu145501.cn A 84.126.93.168
keule557.cn A 84.126.93.168
sdfsdf23423455jkjg.cn A 84.126.93.168
gshipagc.net A 84.126.93.168
Picking one and checking gshipagc.net, it appears to just be a shipping company (hmmm, sounds familiar). But if you go a step further and see what IP addresses
that domain has occupied recently, you get a rather long list:
Quote:
gshipagc.net A 24.42.26.101
gshipagc.net A 24.136.214.23
gshipagc.net A 24.139.153.207
gshipagc.net A 58.8.22.135
gshipagc.net A 58.8.22.237
gshipagc.net A 58.8.25.219
gshipagc.net A 58.8.29.249
gshipagc.net A 58.9.33.71
gshipagc.net A 58.9.35.30
gshipagc.net A 59.91.203.57
gshipagc.net A 59.94.241.181
gshipagc.net A 59.94.247.166
gshipagc.net A 59.94.251.141
gshipagc.net A 59.95.226.244
gshipagc.net A 59.161.145.50
gshipagc.net A 61.90.105.44
gshipagc.net A 61.90.105.185
gshipagc.net A 62.68.98.163
gshipagc.net A 62.68.98.172
gshipagc.net A 62.80.180.11
gshipagc.net A 62.80.180.44
gshipagc.net A 62.248.11.180
gshipagc.net A 62.248.11.216
gshipagc.net A 66.212.155.140
gshipagc.net A 67.164.7.67
gshipagc.net A 67.230.47.228
gshipagc.net A 71.92.202.74
gshipagc.net A 74.3.203.93
gshipagc.net A 76.208.149.68
gshipagc.net A 77.22.125.13
gshipagc.net A 77.78.42.41
gshipagc.net A 77.239.70.110
gshipagc.net A 77.239.71.249
gshipagc.net A 77.253.15.109
gshipagc.net A 77.254.134.179
gshipagc.net A 77.254.193.88
gshipagc.net A 77.254.201.167
gshipagc.net A 78.37.230.200
gshipagc.net A 78.106.120.13
gshipagc.net A 78.106.186.159
gshipagc.net A 78.109.252.199
gshipagc.net A 78.131.46.220
gshipagc.net A 78.166.71.118
gshipagc.net A 78.169.12.54
gshipagc.net A 78.175.218.224
gshipagc.net A 78.177.251.105
gshipagc.net A 78.182.174.158
gshipagc.net A 78.183.228.174
gshipagc.net A 79.109.144.180
gshipagc.net A 79.116.207.32
gshipagc.net A 79.116.208.64
gshipagc.net A 79.116.238.223
gshipagc.net A 79.117.47.190
gshipagc.net A 79.117.50.50
gshipagc.net A 79.119.84.66
gshipagc.net A 79.119.221.125
gshipagc.net A 79.121.5.93
gshipagc.net A 79.163.225.101
gshipagc.net A 79.172.90.140
gshipagc.net A 79.184.33.30
gshipagc.net A 79.184.38.184
gshipagc.net A 79.184.130.17
gshipagc.net A 80.39.45.38
gshipagc.net A 80.52.178.202
gshipagc.net A 80.230.26.66
gshipagc.net A 80.230.31.39
gshipagc.net A 81.182.111.181
gshipagc.net A 81.183.31.21
gshipagc.net A 81.203.251.235
gshipagc.net A 81.213.222.21
gshipagc.net A 81.219.69.194
gshipagc.net A 82.131.226.111
gshipagc.net A 82.131.231.106
gshipagc.net A 82.131.231.242
gshipagc.net A 82.131.238.160
gshipagc.net A 82.131.239.163
gshipagc.net A 82.131.239.201
gshipagc.net A 83.5.57.90
gshipagc.net A 83.5.143.59
gshipagc.net A 83.5.167.82
gshipagc.net A 83.20.12.213
gshipagc.net A 83.20.46.109
gshipagc.net A 83.20.52.101
gshipagc.net A 83.20.55.77
gshipagc.net A 83.20.55.246
gshipagc.net A 83.20.67.87
gshipagc.net A 83.20.68.235
gshipagc.net A 83.20.146.51
gshipagc.net A 83.20.223.17
gshipagc.net A 83.20.248.183
gshipagc.net A 83.20.252.113
gshipagc.net A 83.22.183.174
gshipagc.net A 83.26.72.249
gshipagc.net A 83.27.43.21
gshipagc.net A 83.27.142.225
gshipagc.net A 83.27.167.249
gshipagc.net A 83.28.176.236
gshipagc.net A 83.28.187.39
gshipagc.net A 83.29.117.73
gshipagc.net A 83.29.160.208
gshipagc.net A 83.29.162.172
gshipagc.net A 83.29.173.16
gshipagc.net A 83.30.49.87
gshipagc.net A 83.31.57.196
gshipagc.net A 83.36.152.131
gshipagc.net A 83.40.246.173
gshipagc.net A 83.81.248.102
gshipagc.net A 83.165.190.86
gshipagc.net A 83.185.71.202
gshipagc.net A 83.185.81.119
gshipagc.net A 83.185.92.139
gshipagc.net A 83.219.10.173
gshipagc.net A 83.231.80.48
gshipagc.net A 83.231.81.31
gshipagc.net A 83.231.89.130
gshipagc.net A 84.2.194.238
gshipagc.net A 84.10.117.194
gshipagc.net A 84.10.213.53
gshipagc.net A 84.126.93.22
gshipagc.net A 84.126.93.168
gshipagc.net A 84.224.2.48
gshipagc.net A 84.224.14.60
gshipagc.net A 84.224.25.14
gshipagc.net A 84.224.70.220
gshipagc.net A 85.85.235.241
gshipagc.net A 85.97.31.153
gshipagc.net A 85.97.90.1
gshipagc.net A 85.100.78.40
gshipagc.net A 85.101.196.172
gshipagc.net A 85.101.221.137
gshipagc.net A 85.101.234.165
gshipagc.net A 85.102.82.55
gshipagc.net A 85.102.183.57
gshipagc.net A 85.107.250.163
gshipagc.net A 85.136.96.16
gshipagc.net A 85.136.129.219
gshipagc.net A 85.136.134.51
gshipagc.net A 85.136.135.18
gshipagc.net A 85.202.49.44
gshipagc.net A 87.97.13.72
gshipagc.net A 87.110.3.213
gshipagc.net A 88.9.153.107
gshipagc.net A 88.15.243.103
gshipagc.net A 88.16.213.107
gshipagc.net A 88.16.228.86
gshipagc.net A 88.22.101.19
gshipagc.net A 88.102.159.73
gshipagc.net A 88.109.26.47
gshipagc.net A 88.109.252.100
gshipagc.net A 88.110.15.224
gshipagc.net A 88.110.17.5
gshipagc.net A 88.156.39.27
gshipagc.net A 88.224.250.236
gshipagc.net A 88.226.100.135
gshipagc.net A 88.227.91.117
gshipagc.net A 88.229.151.23
gshipagc.net A 88.229.174.49
gshipagc.net A 88.232.227.193
gshipagc.net A 88.233.109.12
gshipagc.net A 88.234.12.172
gshipagc.net A 88.234.12.219
gshipagc.net A 88.234.91.8
gshipagc.net A 88.236.126.128
gshipagc.net A 88.238.243.171
gshipagc.net A 88.242.138.162
gshipagc.net A 88.242.158.138
gshipagc.net A 88.243.2.195
gshipagc.net A 88.243.35.77
gshipagc.net A 88.243.37.124
gshipagc.net A 88.243.96.173
gshipagc.net A 88.243.109.158
gshipagc.net A 88.243.152.69
gshipagc.net A 88.243.214.166
gshipagc.net A 88.243.247.96
gshipagc.net A 88.244.136.205
gshipagc.net A 88.244.137.96
gshipagc.net A 88.244.202.61
gshipagc.net A 88.251.17.45
gshipagc.net A 89.47.81.70
gshipagc.net A 89.132.5.171
gshipagc.net A 89.218.137.234
gshipagc.net A 89.229.198.123
gshipagc.net A 89.230.168.4
gshipagc.net A 90.151.113.165
gshipagc.net A 90.189.216.179
gshipagc.net A 91.39.249.167
gshipagc.net A 91.120.98.231
gshipagc.net A 91.120.123.20
gshipagc.net A 91.123.159.112
gshipagc.net A 91.124.234.82
gshipagc.net A 91.151.32.198
gshipagc.net A 92.8.211.0
gshipagc.net A 92.47.153.86
gshipagc.net A 92.47.153.145
gshipagc.net A 92.255.151.3
gshipagc.net A 93.80.176.137
gshipagc.net A 93.80.193.222
gshipagc.net A 93.100.252.207
gshipagc.net A 93.103.232.126
gshipagc.net A 93.105.219.198
In fact, at any one time, it occupies 5 different IP addresses. It doesn't seem to know what its own TTL ("time to live," = how frequently the records expire) is:
Quote:
;; ANSWER SECTION:
gshipagc.net. 1800 IN A 66.212.155.140
gshipagc.net. 1800 IN A 67.164.7.67
gshipagc.net. 1800 IN A 74.3.203.93
gshipagc.net. 1800 IN A 89.229.198.123
gshipagc.net. 1800 IN A 190.97.142.3
Quote:
;; ANSWER SECTION:
gshipagc.net. 972 IN A 190.97.142.3
gshipagc.net. 972 IN A 66.212.155.140
gshipagc.net. 972 IN A 67.164.7.67
gshipagc.net. 972 IN A 74.3.203.93
gshipagc.net. 972 IN A 89.229.198.123
Quote:
;; ANSWER SECTION:
gshipagc.net. 442 IN A 89.229.198.123
gshipagc.net. 442 IN A 190.97.142.3
gshipagc.net. 442 IN A 66.212.155.140
gshipagc.net. 442 IN A 67.164.7.67
gshipagc.net. 442 IN A 74.3.203.93
The shipping company website has been reported as part of an employment scam:
http://www.scamwarners.com/forum/viewtopic.php?f=10&t=3366&start=0Oh, and by amazing coincidence, that shipping company has precisely the same number of container vessels and capacity as Mediterranean Shipping Co., SA, (mscgva.ch):
http://marinelink.com/en-US/News/Article/Mediterranean-Shipping-Co-Rate-Increase/329824.aspx
Posted: Wed Sep 09, 2009 7:37 pm 
