Layer7 Dstat — Live Application-Layer Traffic
A Layer7 Dstat is a real-time graph of application traffic — the HTTP/HTTPS requests per second that actually reach a web server during a test. This guide explains what a Layer7 Dstat measures, how it differs from a Layer4 Dstat, and how to read one. All live targets monitored here are Layer7 Dstats.
What is a Layer7 Dstat?
A Layer7 Dstat measures traffic at the application layer (OSI Layer 7): the HTTP/HTTPS requests per second (RPS) that reach the web server. It reflects request-based attacks such as HTTP floods and cache-bypass methods, and shows whether protection layers like a WAF, JS challenge (UAM), managed challenge (CAPTCHA) or rate limit are actually filtering the requests.
Because Layer 7 is where real application logic runs, a Layer7 Dstat is the right lens for measuring how well defenses hold up — total volume alone says nothing; what matters is how many requests are allowed, bypass protection, or get blocked.
Layer7 Dstat vs Layer4 Dstat
A Layer7 Dstat is measured in requests per second and reflects application / CPU cost; a Layer4 Dstat is measured in bandwidth (Gbps) and packets per second (pps) and reflects raw network saturation. Layer 7 is defended at the edge with WAFs and challenges, while Layer 4 is mitigated upstream with scrubbing and capacity.
How to read a Layer7 Dstat
Watch the requests-per-second line for total Layer7 throughput, then the allowed / bypassed / blocked breakdown to judge effectiveness against a protected target. A high request rate with a high blocked share means the edge is filtering most traffic; a sustained allowed / bypassed share is what indicates a method genuinely penetrates the protection.
Related Live Dstat Examples (Layer 7)
- Request Count DstatFree live Request Count Dstat: a real-time Layer7 graph of raw HTTP requests per second hitting an unprotected endpoint. No registration, refreshes every few seconds.
- Cloudflare DstatFree live Cloudflare Dstat: real-time graph of requests behind Cloudflare, broken down into allowed 200s, bypassed and blocked — see what actually gets through.
- Cloudflare UAM DstatUAMFree live Cloudflare UAM Dstat: a target running Under Attack Mode — every visitor must pass a JS challenge. Watch in real time how many requests solve it.
- Cloudflare CAPTCHA DstatCAPTCHAFree live Cloudflare CAPTCHA Dstat: a target behind Cloudflare's managed challenge (Turnstile) — the hardest Layer7 filter. See what actually gets through, live.
Layer7 Dstat FAQ
What does a Layer7 Dstat measure?
Application-layer traffic: the HTTP/HTTPS requests per second (RPS) reaching the web server, plus how many are allowed, bypass protection or get blocked.
What is the difference between a Layer7 Dstat and a Layer4 Dstat?
A Layer7 Dstat tracks requests per second (application attacks); a Layer4 Dstat tracks bandwidth and packets (volumetric attacks). Layer 7 overwhelms the application, Layer 4 saturates the network.
Why does total request volume not tell the whole story?
Against a protected target, what matters is how many requests are allowed or bypass the protection versus blocked at the edge. A Layer7 Dstat shows that breakdown, which raw volume alone cannot.