Follow

API X-Distil-Threats Values

Distil has assigned a threat value to each API request. Distil appends a header x-distil-threats with a value in each request sent from Distil to the origin. A value of 0 indicates that no threat has been identified.

If you’d like more information on x-distil-bot values related to our bot mitigation solution for web applications, see the Web X-Distil-Bot Values article.

The following table lists possible x-distil-threats values.

X-Distil-Threats

Threat Type

1

Blacklisted: Token

2

Blacklisted: Country

4

Blacklisted: Header

8

Token Management Violation: No Token

16

Rate Limited:
Requests Per Minute

32

Rate Limited: Graduated Requests Per Minute

128

Rate Limited: Session Length

256

Rate Limited:
Requests Per Session

512

Rate Limited: Graduated Session Length

1024

Rate Limited: Graduated Requests Per Session

2048

Blacklisted: IP

4096

Token Management Violation: Tokens Per IP

8192

Token Management Violation: IPs Per Token

131072

Token Management Violation: Invalid Token

1048576

Blacklisted: Organization

Multiple threats may be identified for a single request. As such, the value passed to origin is quite often a sum of the above values. A common value is 12289, which evaluates to:

X-Distil-Threats

Threat Type

1

Blacklisted: Token

4096

Token Management: Violation: Tokens Per IP

8192

Token Management: Violation: IPs Per Token

TIP: Appending this value to your server logs can be invaluable in investigating suspicious traffic.

Whitelisted Requests

If a request is whitelisted, Distil assigns a whitelist value to the API request. Distil appends a header x-distil-whitelist with a value in each request sent from Distil to the origin.

The following table lists possible x-distil-whitelist values.

X-Distil-Whitelist

Whitelist Type

1

Identifier

2

Country

4

Header

2048

IP

1048576

Organization
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments