[Radar] Update glossary (#19378)

---------

Co-authored-by: Pedro Sousa <[email protected]>

Author: andre-j3sus

.gitignore

@@ -25,4 +25,6 @@ pnpm-debug.log*
 
 .wrangler
 /assets/secrets
-/worker/functions/
+/worker/functions/
+
+.idea

src/content/docs/radar/concepts/aggregation-intervals.mdx

@@ -17,3 +17,4 @@ For example, when requesting one day of data, the default aggregation interval i
 | `15m`                | 15 minutes frequency. |
 | `1h`                 | One hour frequency.   |
 | `1d`                 | One day frequency.    |
+| `1w`                 | One week frequency.   |

src/content/docs/radar/concepts/bot-classes.mdx

@@ -8,7 +8,7 @@ sidebar:
 
 A bot class in Radar is a grouping of [bot scores](/bots/concepts/bot-score).
 
-Scores between 1 to 29 are classified as bot traffic. Scores equal or above 30 are classified as non-bot/human traffic.
+Scores between 1 and 29 are classified as bot traffic. Scores equal or above 30 are classified as non-bot/human traffic.
 
 | Class                | Description                  |
 | -------------------- | ---------------------------- |

src/content/docs/radar/concepts/normalization.mdx

@@ -12,12 +12,13 @@ Refer to the `result.meta.normalization` property in the response to check which
 
 ## Method
 
-| Method              | Description                                                                                                                                                                      |
-| ------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `PERCENTAGE`        | Values represent percentages.                                                                                                                                                    |
-| `PERCENTAGE_CHANGE` | Values represent a [percentage change](https://en.wikipedia.org/wiki/Relative_change_and_difference#Percentage_change) from a baseline period.                                   |
-| `MIN_MAX`           | Values have been normalized using [min-max](https://en.wikipedia.org/wiki/Feature_scaling#Rescaling_\(min-max_normalization\)).                                                  |
-| `MIN0_MAX`          | Values have been normalized using min-max, but setting the minimum value to `0`. Equivalent to a proportion of the maximum value in the entire response, scaled between 0 and 1. |
-| `RAW_VALUES`        | Values are raw and have not been changed.                                                                                                                                        |
+| Method                  | Description                                                                                                                                                                      |
+| ----------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `PERCENTAGE`            | Values represent percentages.                                                                                                                                                    |
+| `PERCENTAGE_CHANGE`     | Values represent a [percentage change](https://en.wikipedia.org/wiki/Relative_change_and_difference#Percentage_change) from a baseline period.                                   |
+| `OVERLAPPED_PERCENTAGE` | Values represent percentages that exceed 100% due to overlap.                                                                                                                    |
+| `MIN_MAX`               | Values have been normalized using [min-max](https://en.wikipedia.org/wiki/Feature_scaling#Rescaling_\(min-max_normalization\)).                                                  |
+| `MIN0_MAX`              | Values have been normalized using min-max, but setting the minimum value to `0`. Equivalent to a proportion of the maximum value in the entire response, scaled between 0 and 1. |
+| `RAW_VALUES`            | Values are raw and have not been changed.                                                                                                                                        |
 
 If you want to compare values across locations/time ranges/etc., in endpoints that normalize values using min-max, you must do so in the same request. This is done by asking for multiple series. All values will then be normalized using the same minimum and maximum value and can safely be compared against each other. Refer to [Make comparisons](/radar/get-started/making-comparisons/) for more information.

src/content/docs/radar/get-started/error-codes.mdx

@@ -1,11 +1,11 @@
 ---
 pcx_content_type: reference
-title: Radar API Error Codes
+title: Radar API error codes
 sidebar:
   order: 3
 head:
   - tag: title
-    content: Radar API Error Codes
+    content: Radar API error codes
 
 ---
 

src/content/docs/radar/get-started/making-comparisons.mdx

@@ -8,7 +8,7 @@ sidebar:
 
 When comparing time series, across locations/time ranges/etc., in endpoints that normalize values using [min-max](/radar/concepts/normalization), you must do so in the same request. This is done by asking for multiple series. All values will then be normalized using the same minimum and maximum value and can safely be compared against each other.
 
-[Netflows](/radar/investigate/netflows) values are normalized using [min0-max](/radar/concepts/normalization), so we will use it as an example. Refer to [Get NetFlow time series](/api/resources/radar/subresources/netflows/methods/timeseries/) for more information.
+[NetFlows](/radar/investigate/netflows) values are normalized using [min0-max](/radar/concepts/normalization), so we will use it as an example. Refer to [Get NetFlow time series](/api/resources/radar/subresources/netflows/methods/timeseries/) for more information.
 
 ## Compare locations
 
@@ -27,7 +27,7 @@ The second series has the following parameters:
 
 `name=pt_data&dateRange=7d&location=PT`
 
-All of these parameters are arrays and it is the position in the array that defines the series the filter belongs to. Refer to [NetFlow's endpoint](/api/resources/radar/subresources/netflows/methods/timeseries/) for more information on the available parameters.
+All of these parameters are arrays, and it is the position in the array that defines the series the filter belongs to. Refer to [NetFlow's endpoint](/api/resources/radar/subresources/netflows/methods/timeseries/) for more information on the available parameters.
 
 The response (shortened below for brevity) uses the provided `name` property to wrap the timestamps and corresponding values. If we chart this data, it becomes obvious that Cloudflare received much less traffic from Portugal than from the United States.
 
@@ -50,6 +50,7 @@ The response (shortened below for brevity) uses the provided `name` property to
         "endTime": "2022-11-02T17:00:00Z"
       },
       "aggInterval": "ONE_HOUR",
+			// ...
     }
   }
 }
@@ -113,13 +114,15 @@ In the above example, we requested for an [aggregation interval](/radar/concepts
 The `result` property should return a response like this:
 
 ```json
-"tonga": {
-  "timestamps": ["2022-10-15T02:00:00Z", "2022-10-15T03:00:00Z", "2022-10-15T04:00:00Z", "2022-10-15T05:00:00Z"],
-  "values": ["1.0", "0.832473", "0.820083", "0.79408"]
-},
-"tonga_outage": {
-  "timestamps": ["2022-01-15T02:00:00Z", "2022-01-15T03:00:00Z", "2022-01-15T04:00:00Z", "2022-01-15T05:00:00Z"],
-  "values": ["0.354105", "0.357287", "0.181811", "0.044198"]
+{
+	"tonga": {
+		"timestamps": ["2022-10-15T02:00:00Z", "2022-10-15T03:00:00Z", "2022-10-15T04:00:00Z", "2022-10-15T05:00:00Z"],
+		"values": ["1.0", "0.832473", "0.820083", "0.79408"]
+	},
+	"tonga_outage": {
+		"timestamps": ["2022-01-15T02:00:00Z", "2022-01-15T03:00:00Z", "2022-01-15T04:00:00Z", "2022-01-15T05:00:00Z"],
+		"values": ["0.354105", "0.357287", "0.181811", "0.044198"]
+	}
 }
 ```
 

src/content/docs/radar/glossary.mdx

@@ -110,6 +110,10 @@ Internet connectivity can experience outages or disruptions due to a number of f
 
 An early warning signal that an Internet outage may be underway on a given network or in a given country is an anomalous drop in traffic as compared to historical traffic patterns and trends. Internet anomalies listed in the Cloudflare Radar Outage Center represent an algorithmically-observed anomalous drop in traffic for the listed entity. If a given entry is marked as verified, it means that we have manually corroborated the observed drop in traffic across multiple Cloudflare data sources and/or third-party sources such as [IODA](https://ioda.inetintel.cc.gatech.edu/), or third-party sources of information, such as those listed above. In the case of the latter, an associated Internet outage event will be opened, with the event listed in the Internet Outages table (and API).
 
+## Internet services ranking
+
+Internet services ranking is based on our anonymized and aggregated 1.1.1.1 resolver data, complies with our [privacy policy](https://www.cloudflare.com/en-gb/privacypolicy/), and aims to identify the top most popular Internet services that reflect how people use the Internet globally. A service represents one or more domains aggregated together. Ranking popularity metric is best described as the estimated number of unique users that access domains associated with a service, over some period of time.
+
 ## Internet traffic trends
 
 Trends observed in Internet traffic originating globally or within a given location or autonomous system within the selected time range, based on aggregated data from our network.
@@ -154,6 +158,14 @@ Network-level DDoS attacks graphs are based on traffic measured in bytes.
 
 The Post-Quantum Encryption Adoption graph shows the share of HTTPS requests to Cloudflare that are encrypted with post-quantum (PQ) cryptography. Additional details about Cloudflare's support for PQ cryptography can be found at [Cloudflare Research](https://pq.cloudflareresearch.com/).
 
+## Robots.txt
+
+A [robots.txt](https://www.cloudflare.com/learning/bots/what-is-robots-txt/) file contains instructions for bots that tell them which webpages they can and cannot access.
+
+The data displayed for robots.txt is based on successfully parsed robots.txt files from the top 10,000 domains. From these files, we count the occurrences of each user agent under the "Allow" and "Disallow" directives. A user agent is classified as "fully allowed" or "fully disallowed" if the directive value is "*". Otherwise, if the user agent is only allowed or disallowed to crawl specific paths, it is classified as "partially allowed" or "partially disallowed."
+
+Currently, we only include AI-focused user agents listed in the [ai.robots.txt](https://github.com/ai-robots-txt/ai.robots.txt) repository.
+
 ## TCP resets and timeouts
 
 In the Transmission Control Protocol (TCP), client-initiated connection resets (via the RST flag, TCP's "panic button") are atypical, and indicate to the server that *something went wrong* requiring the connection to be closed immediately. Similarly, connection timeouts (where the server closes a connection due to an unresponsive client) should not happen in conventional data exchanges. For comparison, a typical TCP connection consists of a 3-way handshake initiated by a client with a SYN packet to the server, then a data exchange moderated with ACK and PSH flags in the data packets, and finally a graceful close initiated from either side with a FIN packet. A FIN close is considered graceful because it ensures both sides complete their data transfer before closing the connection. In contrast, a timeout or RST flag triggers a hard stop, even if data is waiting to be sent or acknowledged. See [RFC 9293](https://datatracker.ietf.org/doc/html/rfc9293) for more details on the TCP protocol.
@@ -205,3 +217,7 @@ The data displayed on domain-specific geographic traffic patterns is based solel
 ## WHOIS
 
 WHOIS is a standard for publishing the contact and nameserver information for all registered domains. Each registrar maintains their own WHOIS service. Anyone can query the registrar's WHOIS service to reveal the data behind a given domain.
+
+## Workers AI
+
+[Workers AI](/workers-ai/) allows you to run machine learning models, on the Cloudflare network, from your own code -- whether that be from Workers, Pages, or anywhere via the Cloudflare API. The data displayed for Workers AI is based on the number of Cloudflare accounts using a model during a specific time interval.

src/content/docs/radar/investigate/application-layer-attacks.mdx

@@ -30,7 +30,7 @@ Like in [HTTP requests](/radar/investigate/http-requests), these endpoints can b
 Let us examine the global distribution of mitigated requests by product.
 
 ```bash
-curl "https://api.cloudflare.com/client/v4/radar/attacks/layer7/timeseries_groups?aggInterval=1h&dateRange=1d&name=attacks&format=json" \
+curl "https://api.cloudflare.com/client/v4/radar/attacks/layer7/timeseries_groups/mitigation_product?aggInterval=1h&dateRange=1d&name=attacks&format=json" \
 --header "Authorization: Bearer <API_TOKEN>"
 ```
 
@@ -56,6 +56,7 @@ From the abbreviated response below, we can conclude that distributed denial-of-
         "startTime": "2022-11-05T11:00:00Z",
         "endTime": "2022-11-06T11:00:00Z"
       },
+			// ...
     }
   }
 }
@@ -75,14 +76,23 @@ curl "https://api.cloudflare.com/client/v4/radar/attacks/layer7/summary?location
 ```
 
 ```json
-"attacks_gb": {
-  "waf": "75.012138",
-  "ddos": "18.539149",
-  "ip_reputation": "5.721021",
-  "access_rules": "0.592515",
-  "bot_management": "0.131998",
-  "api_shield": "0.003178",
-  "data_loss_prevention": "0.0"
+{
+  "success": true,
+  "errors": [],
+  "result": {
+		"attacks_gb": {
+			"waf": "75.012138",
+			"ddos": "18.539149",
+			"ip_reputation": "5.721021",
+			"access_rules": "0.592515",
+			"bot_management": "0.131998",
+			"api_shield": "0.003178",
+			"data_loss_prevention": "0.0"
+  	},
+		"meta": {
+			// ...
+    }
+	}
 }
 ```
 
@@ -106,37 +116,44 @@ curl "https://api.cloudflare.com/client/v4/radar/attacks/layer7/top/locations/ta
   "success": true,
   "errors": [],
   "result": {
-    "attacks_target": [{
-      "targetCountryName": "Belgium",
-      "targetCountryAlpha2": "BE",
-      "value": "18.536740",
-      "rank": 1
-    }, {
-      "targetCountryName": "United States",
-      "targetCountryAlpha2": "US",
-      "value": "16.116210",
-      "rank": 2
-    }, {
-      "targetCountryName": "China",
-      "targetCountryAlpha2": "CN",
-      "value": "13.864696",
-      "rank": 3
-    }, {
-      "targetCountryName": "India",
-      "targetCountryAlpha2": "IN",
-      "value": "4.344139",
-      "rank": 4
-    }, {
-      "targetCountryName": "Germany",
-      "targetCountryAlpha2": "DE",
-      "value": "4.182777",
-      "rank": 5
-    }],
+    "attacks_target": [
+			{
+				"targetCountryName": "Belgium",
+				"targetCountryAlpha2": "BE",
+				"value": "18.536740",
+				"rank": 1
+			},
+			{
+				"targetCountryName": "United States",
+				"targetCountryAlpha2": "US",
+				"value": "16.116210",
+				"rank": 2
+			},
+			{
+				"targetCountryName": "China",
+				"targetCountryAlpha2": "CN",
+				"value": "13.864696",
+				"rank": 3
+			},
+			{
+				"targetCountryName": "India",
+				"targetCountryAlpha2": "IN",
+				"value": "4.344139",
+				"rank": 4
+			},
+			{
+				"targetCountryName": "Germany",
+				"targetCountryAlpha2": "DE",
+				"value": "4.182777",
+				"rank": 5
+			}
+		],
     "meta": {
       "dateRange": {
         "startTime": "2022-11-05T12:00:00Z",
         "endTime": "2022-11-06T12:00:00Z"
       },
+			// ...
     }
   }
 }
@@ -159,43 +176,58 @@ curl "https://api.cloudflare.com/client/v4/radar/attacks/layer7/top/attacks?limi
 
 A typical response will be similar to the following:
 
-```
-[{
-  "originCountryName": "United States",
-  "originCountryAlpha2": "US",
-  "targetCountryName": "United States",
-  "targetCountryAlpha2": "US",
-  "value": "3.790724",
-  "rank": 1
-}, {
-  "originCountryName": "United States",
-  "originCountryAlpha2": "US",
-  "targetCountryName": "Belgium",
-  "targetCountryAlpha2": "BE",
-  "value": "3.602177",
-  "rank": 2
-}, {
-  "originCountryName": "China",
-  "originCountryAlpha2": "CN",
-  "targetCountryName": "Netherlands",
-  "targetCountryAlpha2": "NL",
-  "value": "3.017341",
-  "rank": 3
-}, {
-  "originCountryName": "China",
-  "originCountryAlpha2": "CN",
-  "targetCountryName": "China",
-  "targetCountryAlpha2": "CN",
-  "value": "2.472068",
-  "rank": 4
-}, {
-  "originCountryName": "Indonesia",
-  "originCountryAlpha2": "ID",
-  "targetCountryName": "China",
-  "targetCountryAlpha2": "CN",
-  "value": "2.056729",
-  "rank": 5
-}]
+```json
+{
+  "success": true,
+  "errors": [],
+  "result": {
+		"top_0": [
+			{
+				"originCountryName": "United States",
+				"originCountryAlpha2": "US",
+				"targetCountryName": "United States",
+				"targetCountryAlpha2": "US",
+				"value": "3.790724",
+				"rank": 1
+			},
+			{
+				"originCountryName": "United States",
+				"originCountryAlpha2": "US",
+				"targetCountryName": "Belgium",
+				"targetCountryAlpha2": "BE",
+				"value": "3.602177",
+				"rank": 2
+			},
+			{
+				"originCountryName": "China",
+				"originCountryAlpha2": "CN",
+				"targetCountryName": "Netherlands",
+				"targetCountryAlpha2": "NL",
+				"value": "3.017341",
+				"rank": 3
+			},
+			{
+				"originCountryName": "China",
+				"originCountryAlpha2": "CN",
+				"targetCountryName": "China",
+				"targetCountryAlpha2": "CN",
+				"value": "2.472068",
+				"rank": 4
+			},
+			{
+				"originCountryName": "Indonesia",
+				"originCountryAlpha2": "ID",
+				"targetCountryName": "China",
+				"targetCountryAlpha2": "CN",
+				"value": "2.056729",
+				"rank": 5
+			}
+		],
+    "meta": {
+			// ...
+    }
+  }
+}
 ```
 
 This means that 3.79% of all mitigated requests are from and to the US, 3.6% of all mitigated requests are from the US to Belgium, etc..