An Enrichment score is a cumulative score (calculated differently for domains and IPs) that includes all data and scores from each enriched attribute.

Domain Enrichment scores

• Curated Feed History Score - The on the frequency and recency of an observable's presence within trusted feeds
• NS Reputation - The ratio of blacklisted domains, taken from the total number of domains using a nameserver
• NS Entropy - A score that includes recency, frequency, and the number of nameserver changes
• Generated domain probability - How likely it is that a domain was created by an domain generation algorithm

IP Enrichment scores

• Curated Feed History Score - A score based on the frequency and recency of an observables presence within trusted feeds
• ASN Rank - A ranking of ASNs that host threats listed within feeds. ASN Rank is calculated using a weighted formula based on the type of threat observed
• ASN Takedown Reputation - A reputation score based on the time it takes for an ASN owner to react to takedown requests related to malicious URLs. A higher reputation score indicates the ASN owner is slow to react to takedown requests
• ASN Reputation - The ratio of blacklisted IPs, taken from from the total number of IPs that have been observed as being active within an ASN, in the last 30 days
• Subnet Reputation - The ratio of blacklisted IPs, taken from the total number of IPs that have been observed as being active within a particular subnet in the last 30 days