JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 111.225.149.66

111.225.149.66 was found in our database!

This IP was reported 439 times. Confidence of Abuse is 57%: ?

57%

ISP	CHINANET hebei province network
Usage Type	Fixed Line ISP
ASN	AS4134
Hostname(s)	bytespider-111-225-149-66.crawl.bytedance.com
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Shijiazhuang, Hebei

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 111.225.149.66

Whois 111.225.149.66

IP Abuse Reports for 111.225.149.66:

This IP address has been reported a total of 439 times from 44 distinct sources. 111.225.149.66 was first reported on July 26th 2021, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 MarkGGN	2026-06-19 15:13:02 (16 hours ago)	Web attack. 111.225.149.66 - - [19/Jun/2026:17:12:59 +0200] "GET /tag/blog/ HTTP/2.0" 200 44786 "-" ... show more Web attack. 111.225.149.66 - - [19/Jun/2026:17:12:59 +0200] "GET /tag/blog/ HTTP/2.0" 200 44786 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; https://zhanzhang.toutiao.com/)" 111.225.149.66 - - [19/Jun/2026:17:13:02 +0200] "GET /tag/blog/?essb_counter_cache=rebuild HTTP/2.0" 200 72 "https://www.*/tag/blog/" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; https://zhanzhang.toutiao.com/)" show less	Web App Attack
🇺🇸 Rocky Mountain Bioengineering Symposium	2026-06-18 23:02:47 (1 day ago)	[Sat Jun 13 01:55:30.468132 2026] [authz_core:error] [pid 65469:tid 139817382565440] [client 111.225 ... show more [Sat Jun 13 01:55:30.468132 2026] [authz_core:error] [pid 65469:tid 139817382565440] [client 111.225.149.66:21594] AH01630: client denied by server configuration: /var/www/public_html/www/ [Sat Jun 13 01:55:30.471125 2026] [authz_core:error] [pid 65469:tid 139817382565440] [client 111.225.149.66:21594] AH01630: client denied by server configuration: /var/www/public_rsrc/assets/RMBS-Server-Error.html [Thu Jun 18 17:02:46.955897 2026] [authz_core:error] [pid 320307:tid 139817323816512] [client 111.225.149.66:26634] AH01630: client denied by server configuration: /var/www/public_html/symposium/ ... show less	Bad Web Bot
🇸🇬 mypatricks	2026-06-15 11:24:04 (4 days ago)	111.225.149.66 \| Port: 11150 \| DNS: bytespider-111-225-149-66.crawl.bytedance.com 2026-06-15T19:24:0 ... show more 111.225.149.66 \| Port: 11150 \| DNS: bytespider-111-225-149-66.crawl.bytedance.com 2026-06-15T19:24:03+08:00 Asia/Shanghai \| Un-authorized bots or crawlers \| UA: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; https://zhanzhang.toutiao.com/) HTTP/1.1 443 GET \| URL: /fondant-3d-royal-princesses-crown/ \| Ref: - \| Country: CN/China/+08:00 IP City: Shijiazhuang a0c134c31dbf1a59-AMS/Amsterdam, Netherlands 1 hits/0 secs Browser 1 show less	Brute-Force Web App Attack Blog Spam Web Spam Exploited Host
🇮🇹 Progetto1	2026-06-10 19:30:02 (1 week ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇪🇸 librebit	2026-06-07 07:01:46 (1 week ago)	Brute force	Brute-Force
Anonymous	2026-06-05 19:33:49 (2 weeks ago)	Automated report (2026-06-05T15:33:49-04:00). Scraper detected.	Bad Web Bot
🇮🇪 Jim Keir	2026-06-02 19:47:15 (2 weeks ago)	2026-06-02 19:47:07 111.225.149.66 Bad bot, blocking Mozilla/5.0	Bad Web Bot
🇮🇩 David Koswari	2026-06-02 06:05:00 (2 weeks ago)	REQ_BLOCKED_ACL	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇮🇪 Jim Keir	2026-06-01 20:23:27 (2 weeks ago)	2026-06-01 20:23:23 111.225.149.66 Bad bot, blocking Mozilla/5.0	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-30 18:28:57 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 111.225.149.66 (bytespider-111-225-149-66.crawl ... show more (mod_security) mod_security (id:210730) triggered by 111.225.149.66 (bytespider-111-225-149-66.crawl.bytedance.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 14:28:53.304809 2026] [security2:error] [pid 804:tid 804] [client 111.225.149.66:48222] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.civilwarzone.com\|F\|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.civilwarzone.com"] [uri "/~site/Scripts_ExternalRedirect/ExternalRedirect.dll"] [unique_id "ahssZa3xp0EISnRcw_wpJwAAAA0"], referer: https://www.civilwarzone.com/MyOldKentuckyHome.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Charlesiv	2026-05-28 20:01:16 (3 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK ASN: 4134 (CHINANET BACKBONE) ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK ASN: 4134 (CHINANET BACKBONE) Protocol: HTTP/2 (GET method) Endpoint: / Timestamp: 2026-05-28T19:02:59Z Ray ID: a02f844eadc2b933 UA: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; https://zhanzhang.toutiao.com/) show less	Bad Web Bot
🇮🇪 Jim Keir	2026-05-27 13:17:02 (3 weeks ago)	2026-05-27 13:16:52 111.225.149.66 Bad bot, blocking Mozilla/5.0	Bad Web Bot
🇸🇬 mypatricks	2026-05-22 06:19:11 (4 weeks ago)	111.225.149.66 \| Port: 12328 \| DNS: bytespider-111-225-149-66.crawl.bytedance.com 2026-05-22T14:19:1 ... show more 111.225.149.66 \| Port: 12328 \| DNS: bytespider-111-225-149-66.crawl.bytedance.com 2026-05-22T14:19:10+08:00 Asia/Shanghai \| Un-authorized bots or crawlers \| UA: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; https://zhanzhang.toutiao.com/) HTTP/1.1 443 GET \| URL: /cake-for-man/ \| Ref: - \| Country: CN/China/+08:00 IP City: Shijiazhuang 9ff9b52c18d524f9-AMS/Amsterdam, Netherlands 1 hits/0 secs Browser 1 show less	Brute-Force Web App Attack Blog Spam Web Spam Exploited Host
🇮🇪 Jim Keir	2026-05-21 22:18:42 (4 weeks ago)	2026-05-21 22:18:42 111.225.149.66 Bad bot, blocking Mozilla/5.0	Bad Web Bot
🇨🇦 1gz	2026-05-21 01:04:18 (4 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /lajme/shqiperi/ UA: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; https://zhanzhang.toutiao.com/) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 439 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.111.148.83

🇺🇸 216.25.89.145

🇦🇷 186.65.86.2

🇫🇮 147.185.133.148

🇬🇧 92.27.101.99

🇳🇱 91.92.40.10

🇩🇪 69.5.169.143

🇳🇱 64.89.162.131

🇩🇪 57.129.25.72

🇺🇸 34.227.160.14

🇩🇪 8.209.110.18

🇲🇳 203.23.199.89

🇨🇴 179.32.200.247

🇸🇬 172.188.89.41

🇺🇸 104.243.35.45

🇮🇳 103.204.167.14

🇳🇱 45.198.224.138

🇬🇧 35.203.210.30

🇷🇴 2.57.122.177

🇫🇷 85.217.140.35