Distil has assigned a threat value to each API request. Distil appends a header x-distil-threats with a value in each request sent from Distil to the origin. A value of 0 indicates that no threat has been identified.
If you’d like more information on x-distil-bot values related to our bot mitigation solution for web applications, see the Web X-Distil-Bot Values article.
The following table lists possible x-distil-threats values.
X-Distil-Threats |
Threat Type |
1 |
Blacklisted: Token |
2 |
Blacklisted: Country |
4 |
Blacklisted: Header |
8 |
Token Management Violation: No Token |
16 |
Rate Limited: |
32 |
Rate Limited: Graduated Requests Per Minute |
128 |
Rate Limited: Session Length |
256 |
Rate Limited: |
512 |
Rate Limited: Graduated Session Length |
1024 |
Rate Limited: Graduated Requests Per Session |
2048 |
Blacklisted: IP |
4096 |
Token Management Violation: Tokens Per IP |
8192 |
Token Management Violation: IPs Per Token |
131072 |
Token Management Violation: Invalid Token |
1048576 |
Blacklisted: Organization |
Multiple threats may be identified for a single request. As such, the value passed to origin is quite often a sum of the above values. A common value is 12289, which evaluates to:
X-Distil-Threats |
Threat Type |
1 |
Blacklisted: Token |
4096 |
Token Management: Violation: Tokens Per IP |
8192 |
Token Management: Violation: IPs Per Token |
TIP: Appending this value to your server logs can be invaluable in investigating suspicious traffic.
Whitelisted Requests
If a request is whitelisted, Distil assigns a whitelist value to the API request. Distil appends a header x-distil-whitelist with a value in each request sent from Distil to the origin.
The following table lists possible x-distil-whitelist values.
X-Distil-Whitelist |
Whitelist Type |
1 |
Identifier |
2 |
Country |
4 |
Header |
2048 |
IP |
1048576 |
Organization |
Comments