Sign in
← Dashboard / Signature Detail
NL

Indigo 416 iOS

· Indigo 416 / iOS Bot
Scraper
Policy: Silent Throttle
Probability
81 %
Confidence
87 %
Risk Profile
High
Threat
None
Hit Count
2
Last Seen
2h 14m ago
Network Locale Headers Tool Transport Session Quality

Fingerprint Profile

TLS Version
TLSv1.3
HTTP Protocol
HTTP/2
Protocol Client
TLS_AES_256_GCM_SHA384
TCP OS Hint
Unavailable
Fingerprint Integrity
Suspect
UA Consistency
Suspect
Headless Indicator
Low
Datacenter IP
Clean
Endpoints Visited (1) Click to expand · stats unavailable
# Path
1 /dashboard/signature/d9ff72d987bfae17
Raw Requests (2) Click to expand
Time Method Path Status Prob Conf Risk Profile Action Time
23:49:06 GET /dashboard/signature/d9ff72d987bfae17 200 81 % 87 % High Silent Throttle 12.2ms
23:49:04 GET /dashboard/signature/d9ff72d987bfae17 200 46 % 81 % Elevated Allow 13.8ms

Bot Probability & Confidence History

StyloBot Detection Overhead (ms)

User Agent

Indigo/416 CFNetwork/[phone] Darwin/25.5.0

Analysis

Indigo 416 iOS on /dashboard/signat... - caught by High request rate: 116.9/min (total: 116.9/min), Same page re-requested after 1.0 seconds without using br..., Request patterns appear normal

Detection Signals

  • High request rate: 116.9/min (total: 116.9/min)
  • Same page re-requested after 1.0 seconds without using browser cache
  • Request patterns appear normal
  • TLS connection appears normal
  • User-Agent appears normal

Detector Contributions (35 detectors)

Detector Confidence Delta Timing (ms)
BehavioralWaveform
High request rate: 116.9/min (total: 116.9/min)
+0.750 0.1
HeuristicLate
Heuristic model (late): 70 % bot likelihood (272 features)
+0.405 0.3
Heuristic
Heuristic model (early): 62 % human likelihood (17 features)
-0.240 0.1
CacheBehavior
Same page re-requested after 1.0 seconds without using browser cache
+0.300 0.4
Ip
IP appears normal: 82.174.242.xxx
-0.150 0.0
Header
Headers appear normal
-0.150 0.1
UserAgent
User-Agent appears normal
-0.150 0.1
Behavioral
Request patterns appear normal
-0.150 0.1
Inconsistency
No header/UA inconsistencies detected
-0.150 0.0
TlsFingerprint
TLS connection appears normal
-0.150 0.0
TcpIpFingerprint
Missing connection reuse header (unusual for real browsers)
+0.200 0.0
VersionAge
Browser/OS versions appear current
-0.050 0.0
Http2Fingerprint
No HTTP/2 stream priority (browsers typically use this)
+0.050 0.0
AI
AI analysis: borderline case, monitoring
+0.000 9.7
Llm
LLM detection disabled or unavailable
+0.000 0.0
Intent
Session intent: browsing (threat=0.05, band=None)
+0.000 0.4
AiScraper
No AI scraper signals detected
+0.000 0.0
Similarity
No prior visitor signatures to compare against yet
+0.000 0.0
StreamAbuse
Stream abuse check - non-streaming request
+0.000 0.0
VerifiedBot
No known bot UA pattern
+0.000 0.0
SecurityTool
No security tools detected in User-Agent
+0.000 0.1
SessionVector
Session tracking active (2 requests, 0 prior sessions)
+0.000 0.2
CookieBehavior
Too few requests for cookie analysis
+0.000 0.0
ReputationBias
No learned reputation patterns matched
+0.000 0.0
ClaimedIdentity
No profile for UA family 'Indigo'
+0.000 0.0
ProjectHoneypot
Skipped: ProjectHoneypot is disabled in configuration
+0.000 0.0
ReactivePattern
No prior error events to analyze
+0.000 0.0
RequestHydrator
Request signals hydrated to sink
+0.000 0.0
Http3Fingerprint
Connection uses HTTP/2 (not HTTP/3)
+0.000 0.0
ResponseBehavior
Response coordinator not configured
+0.000 0.0
HeaderCorrelation
Single signature per header profile
+0.000 0.0
ResourceWaterfall
Insufficient document requests for analysis
+0.000 0.0
TransportProtocol
Transport protocol analysis complete
+0.000 0.0
FastPathReputation
No known patterns in reputation cache
+0.000 0.0
MultiLayerCorrelation
Cross-signal consistency check complete (not enough data to compare)
+0.000 0.1

Signal Intelligence

h2

protocol h2

request

protocol HTTP/2
accept_encoding gzip, deflate, br

risk

justification Classified Scraper (probability 0.81, confidence 0.87)
friendly_pin_trace not-applicable:botType=Scraper,yamlType=null,botName=null

tls

cipher TLS_AES_256_GCM_SHA384
Version TLSv1.3
version TLSv1.3

Policy applied

Hit history

No sessions recorded yet.

Sessions are created when a visitor's activity gap exceeds 30 minutes.

Effective policy
Loading effective policy…
ASP.NET Pack — Auth events
JWKS health
OK

reachable

Auth pipeline
JWKS reachable
License
Licensed

ASP.NET pack enabled

OTel Mesh — Traces

Fingerprint timeline

0 observations

Span + log activity for this fingerprint, ordered by timestamp.

No timeline observations

no fingerprint id supplied

Signature: FQAT_NhooSZa6PVnpQaNxA | Processing: 12ms | Country: NL | UA: Indigo/416 CFNetwork/[phone] Darwin/25.5.0 | First seen: 2026-07-14 23:49:04 UTC