Loading...

72.21.81.253 is in Santa Monica, United States

72.21.81.253 is known for DDOS, DNS cache poisoning, firewall alert, hacking, malware.

The report has been created on Nov 28, 2014 15:23:42
The IP address 72.21.81.253 belongs to EdgeCast Networks ISP in Santa Monica (California, CA), United States (34.0119018555 and -118.468200684). The hostname is 72.21.81.253.
United States (United States of America, USA) is a High income: OECD country in North America. The currency is U.S. dollar.
As of Nov 28, 2014 15:23:42 we have 9 complaint(s) about 72.21.81.253. Based on our records, the 72.21.81.253 has been involved in DDOS, DNS cache poisoning, firewall alert, hacking, malware, etc.

72.21.81.253

IP Address Country:  United States (US)
IP Address Region:CA California
IP Address City:Santa Monica
IP Postal Code90405
IP Address Area Code310
IP Metro Code803
IP Address Latitude:34.0119018555
IP Address Longitude:-118.468200684
IP Address ISP: EdgeCast Networks
Organisation:
IP Address Proxy:
IP Address Host:72.21.81.253
Map is loading...

If 72.21.81.253 is causing you trouble (doing SPAM, brute-force, DOS attack, phishing, or other fraud), you can report the abuser right here!



We have 9 complaints about 72.21.81.253


Anonymous user from 98.247.8.9 in United States
13 days  agoIllicit downloading of SW - in Hacking
"Have been attempting to rid my machine of malwear. On boot, the system auto-downloads SW from this site. Curse them!"

Anonymous user from 74.78.162.14 in United States
>3 months agoDNS Unkown Hacks - in DDOS
"None yet just intrusive - Attempting to Block as I am starting to block trackers by IP - No Damage yet - Bookmarking site here tks.
"

Anonymous user from 207.34.78.242 in Canada
>2 years agoVirus/JS/Redirect.FF!tr - in Malware
"Virus/JS/Redirect.FF!tr - attemping to infect and spam through our network caught several times point from our external facing vip to our internal servers from this ip 72 21 81 253"

Anonymous user from 173.25.210.78 in United States
>2 years agohow to block - in Firewall Alert
"This IP is most likely an AD based server with a plugin someone has recently installed or a Pirated software. Best off to just add it to your host file and it will not be any concern after that since it will just be sending request that go nowhere.

Open - My Computer
C:\Windows\System32\drivers\etc

There will be a file in there named host with no extension which is fine.
Copy it to your desktop unless you have UAC disabled.
Right click and open with notepad unless you have program extensions in names enabled in that case just rename it to host.txt.
Add it in the file an example is listed below.

I would add a full list but my host file is about 30 megs so the list is absurdly long.

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost

127.0.0.1 72.21.81.253

"

Anonymous user from 67.169.92.62 in United States
>2 years agoRemote Registry Attempts - in Hacking
"This IP address is attempting to exploit malicious code on my system. If this IP address connects to your system, I would block it ASAP."
>2 years agomaware attack - in Malware
"Were getting malware attacks from this is address

Anti-Spyware Detection Alert: Freeze (Trojan), SID: 2138, Danger Level: High - 72.21.81.253, 80, X1 - 192.168.1.76, 51222, X0 -

This email was generated by: SonicOS Enhanced 5.6.0.11-61o (0017-C5CA-3454"

Anonymous user from 186.32.59.32 in Costa Rica
>2 years agoThis address took my domain - in DNS Cache Poisoning
"When I try to open my wensite I get directed to this IP, when I do ping, I get directed here as well.

I still need to find out how it infected my server. I have firewall and antimalware on it. "
>2 years ago72.21.81.253-pornhub.com Leeches, - in Hacking
"Getting in through webcam protocols. I believe theres an illegal market, for cougers trying to jump on young cock like mine, puting my safety at risk, because your illegally selling my personal information, for financial and OTHER spiritual means.

A time-wait connection associated with the ip in the subject line. Will sniff now just to make sure...."

Anonymous user from 201.141.0.74 in Mexico
>2 years agoScientology Church hacker team - in Malware
"This address is communicating with my equipment with out my authorization, injected malware thru email and now trying to pass my firewall. Church Of Scientology at Los Angeles is the source of hacktivism attacks."

WHOIS for 72.21.81.253

[Querying whois.arin.net]
[whois.arin.net]
#
# Query terms are ambiguous. The query is assumed to be:
# "n 72.21.81.253"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=72.21.81.253?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 72.21.80.0 - 72.21.95.255
CIDR: 72.21.80.0/20
OriginAS: AS15133
NetName: EDGECAST-NETBLK-01
NetHandle: NET-72-21-80-0-1
Parent: NET-72-0-0-0-0
NetType: Direct Allocation
RegDate: 2007-04-23
Updated: 2012-03-20
Ref: http://whois.arin.net/rest/net/NET-72-21-80-0-1

OrgName: EdgeCast Networks, Inc.
OrgId: EDGEC-1
Address: 2850 Ocean Park Blvd.
Address: Suite 110
City: Santa Monica
StateProv: CA
PostalCode: 90405
Country: US
RegDate: 2007-03-09
Updated: 2011-11-30
Ref: http://whois.arin.net/rest/org/EDGEC-1

OrgNOCHandle: NOC2475-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-310-479-3200
OrgNOCEmail: noc@edgecast.com
OrgNOCRef: http://whois.arin.net/rest/poc/NOC2475-ARIN

OrgTechHandle: NOC2475-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-310-479-3200
OrgTechEmail: noc@edgecast.com
OrgTechRef: http://whois.arin.net/rest/poc/NOC2475-ARIN

OrgAbuseHandle: NOC2475-ARIN
OrgAbuseName: Network Operations Center
OrgAbusePhone: +1-310-479-3200
OrgAbuseEmail: noc@edgecast.com
OrgAbuseRef: http://whois.arin.net/rest/poc/NOC2475-ARIN

RAbuseHandle: NOC2475-ARIN
RAbuseName: Network Operations Center
RAbusePhone: +1-310-479-3200
RAbuseEmail: noc@edgecast.com
RAbuseRef: http://whois.arin.net/rest/poc/NOC2475-ARIN

RTechHandle: NOC2475-ARIN
RTechName: Network Operations Center
RTechPhone: +1-310-479-3200
RTechEmail: noc@edgecast.com
RTechRef: http://whois.arin.net/rest/poc/NOC2475-ARIN

RNOCHandle: NOC2475-ARIN
RNOCName: Network Operations Center
RNOCPhone: +1-310-479-3200
RNOCEmail: noc@edgecast.com
RNOCRef: http://whois.arin.net/rest/poc/NOC2475-ARIN

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Abusing IP Addresses from the same C block

IP AddressAbuseComplaints
72.21.81.132DDOS:sync flood:3 complaints
72.21.81.133SQL injection:1 complaints

Other DDOS, DNS Cache Poisoning, Firewall Alert, Hacking, Malware Complaints

21 min  ago Poland178.249.95.43"HackAttack: [Trojan Scan]"
22 min  ago China223.81.192.161"HackAttack: [Trojan Scan]"
24 min  ago United States72.20.56.233"HackAttack: [SPI:Illegal connection state attack]"
26 min  ago Finland81.22.250.28"HackAttack: [SPI:Illegal connection state attack]"
8 hr 26 min  ago United States165.254.92.16"Attempted SSH & FTP Hacking"
1 days  ago Poland91.237.69.17"HackAttack: [Trojan Scan]"
1 days  ago United States208.67.222.222"Microsoft TMG reporting All ports Scan "
1 days  ago China121.205.150.163"Angry man"
1 days  ago India117.201.15.250"HackAttack: [Trojan Scan]"
1 days  ago Turkey37.247.97.139"HackAttack: [SPI:Illegal connection state attack]"

Domains in the same C Block as 72.21.81.253

IP AddressDomainRank
72.21.81.133heritage.org20428
72.21.81.133edgecastcdn.net29594
72.21.81.133dallascityhall.com137459
72.21.81.133askheritage.org164391