For this challenge, we are asked a simple question: "Slowloris DDoS targets which layer?"

Doing a quick google search on Slowloris DDos, we find that Cloudflare has a page on the topic.

Link: https://www.cloudflare.com/learning/ddos/ddos-attack-tools/slowloris/

Result: Going through the page, we learn that Slowloris is an application layer attack.

Flag: riftCTF{Application}