Name: Threat Intelligence: 104.28.246.114
Creator: UnwantedIP
License: https://creativecommons.org/licenses/by/4.0/

Threat LevelMEDIUM39/1001 rule type

2 incidents on record · active over 5 days · last seen 2d ago

PTR	N/A
Org / ASN	Cloudflare WARP
Country	🇺🇸 United States
City	St Louis, Missouri
Timezone	America/Chicago

Attack Analysis

🇺🇸 United States · St. Louis · 13335 · Cloudflare, Inc.

Directory Brute-Force (Active Scan)

This IP triggered 10 or more HTTP 4xx errors within 60 seconds — the signature of a vulnerability scanner cycling through wordlists of common admin paths, config files, and endpoints. Tools like Nikto, Dirbuster, and Gobuster produce exactly this pattern.

Reports (2)

Date	Severity	Description
11 Jun 2026 - 10:52	high	Web: Active scan — 10+ 4xx errors in 60s
6 Jun 2026 - 20:55	high	Web: Active scan — 10+ 4xx errors in 60s

Report for IP: 104.28.246.114

Attack Analysis

Reports (2)

Related IPs — Same /24 Block (104.28.246.0/24)