Strategic Risk Intelligence

Strategic Overview

High-level posture indicators with period-over-period trends

22309

Total Threats

-43.1% vs prior 30d

20375

Active Threats

-47.3% vs prior 30d

8.7%

Neutralized

+2.5pp vs prior 30d

288

Critical Risk

+120.0% vs prior 30d

2260

Emerging (7d)

+3083.1% vs prior 30d

Executive Summary

Threat activity has decreased, with total detected threats declining 43.1% compared to the prior 30-day period. Of 22309 total threats, 288 classified as critical risk and 53.3% are email-capable (impersonation ready). Response posture is a gap requiring attention at 8.7% neutralization, up 2.5pp from the prior period — most identified threats remain unaddressed.

Last updated Mar 22, 2026 03:09

Detection Trends (30 Days)

Threat Composition & Exposure

How mature are detected threats and what systemic exposure do they represent?

Risk Score Distribution

Active High-Risk Domain Age

49.6% of active high-risk threats are less than 30 days old — a leading indicator of active campaigns.

Threat Lifecycle Funnel

Progression from dormant registration to active threat. Domains can appear in multiple stages.

Dormant

31%

6849

Infrastructure Ready

19%

4145

Active (Live)

40%

8879

Weaponized

22%

4999

Confirmed Phishing

524

Neutralized

1934

Infrastructure Intelligence

Which registrars, nameservers, and TLDs are concentrated in your threat landscape?

Top Registrars

Registrar	Count	Avg Risk	Response Rate
Squarespace Domains LLC	132	43	2%
NAME DOT STORE INC	130	10	2%
Hello Internet Corp	126	19	9%
NameCheap, Inc.	110	59	2%
Wild West Domains, LLC	109	25	0%
Tucows Domains Inc.	107	48	0%
Realtime Register B.V.	95	27	19%
Registrar of Domain Names REG.RU LLC	95	11	4%
Xin Net Technology Corporation	94	14	3%
OVH, SAS	93	38	1%

Top Nameservers

Nameserver	Count	Avg Risk
ns1.afternic.com., ns2.afternic.com.	724	29
ns1.dns-parking.com., ns2.dns-parking.com.	531	47
dns1.registrar-servers.com., dns2.registrar-servers.com.	531	58
nsg1.namebrightdns.com., nsg2.namebrightdns.com.	425	7
ns1.abovedomains.com., ns2.abovedomains.com.	424	36
ns1.dyna-ns.net., ns2.dyna-ns.net.	343	11
launch1.spaceship.net., launch2.spaceship.net.	272	15
ns1.dnsowl.com., ns2.dnsowl.com., ns3.dnsowl.com.	259	38
ns1.sedoparking.com., ns2.sedoparking.com.	258	22
ns1.parkingcrew.net., ns2.parkingcrew.net.	249	13

Active Threats & Response

Response effectiveness, emerging threats, and recent risk changes

Response Effectiveness

780

Taken Down

1239

Blacklisted

1934

Total Neutralized

Takedown Rate 3.5%

Blacklist Rate 5.6%

Neutralization Rate 8.7%

Discovery Method Breakdown

Emerging Threats (Last 7 Days, Risk 50+)

Lookalike Domain	Target Domain	Risk Score	Registrar	Website	Detected
vvww-find-lcloud.help BLOCKED	icloud.com	100	NameSilo, LLC	Live	5 days, 23 hours ago
klarnaco.com BLOCKED	klarna.com	100	Squarespace Domains II LLC	Parked	1 day, 23 hours ago
activate-coinbase.com BLOCKED	coinbase.com	100	HOSTINGER operations, UAB	Parked	23 hours, 49 minutes ago
barclaysbank.xyz BLOCKED	barclays.com	100	NameSilo, LLC	Offline	23 hours, 56 minutes ago
lnstagram.fun BLOCKED	instagram.com	100	HOSTINGER operations, UAB	Parked	1 day, 23 hours ago
nationwidedrone.com	nationwide.co.uk	100	HOSTINGER operations, UAB	Phishing	6 days, 23 hours ago
ḅinance.com (xn--inance-og7b.com) BLOCKED	binance.com	100	HOSTINGER operations, UAB	Parked	5 days ago
app-santander.com BLOCKED	santander.com	100	Squarespace Domains II LLC	Live	5 days, 23 hours ago
binarce.com BLOCKED	binance.com	95	NAMECHEAP INC	Offline	2 days ago
ḅinance.com	binance.com	95	HOSTINGER operations, UAB	Parked	3 days, 23 hours ago
auth-airwallex.sbs BLOCKED	airwallex.com	90	NameSilo, LLC	Parked	8 minutes ago
coinbase-wallet.online BLOCKED	coinbase.com	90	NameSilo, LLC	Offline	1 day, 23 hours ago
login-2fabankofamerica.com BLOCKED	bankofamerica.com	90	NameSilo, LLC	Parked	23 hours, 56 minutes ago
airwallexpro.sbs BLOCKED	airwallex.com	90	NameSilo, LLC	Parked	2 days ago
alignbooking.com BLOCKED	booking.com	90	GoDaddy.com, LLC	Live	3 days, 23 hours ago

Recent Risk Increases

Not all domains are rescanned. Only domains that pass all skip conditions are rescanned for risk scoring. If any of the following conditions is met, the domain is skipped:

Domain created more than X days ago: 10 days
Domain discovered more than X days ago: 10 days
Risk score unchanged for X days: 10 days

Lookalike Domain	Target Domain	Previous	Current	Change	What Changed	Date
robloxpacks.com	roblox.com	20	50	+30	+MX Records (15pts) +SPF Records (15pts)	Mar 20, 2026
vvww-find-lcloud.help BLOCKED	icloud.com	70	100	+30	+MX Records (15pts) +SPF Records (15pts) +Website Live (10pts) -Website Parked (5pts)	Mar 21, 2026
icloud-id6.top BLOCKED TAKEN DOWN	icloud.com	15	45	+30	+Blacklisted (30pts)	Mar 19, 2026
quickbooks-payment.com BLOCKED	quickbooks.intuit.com	50	80	+30	+Blacklisted (30pts)	Mar 20, 2026
automatticcheckout.com BLOCKED	checkout.com	10	40	+30	+Blacklisted (30pts) +Very Recent Domain (10pts)	Mar 21, 2026
security-slack.com BLOCKED	slack.com	55	85	+30	+Blacklisted (30pts)	Mar 17, 2026
payoneer-account.com BLOCKED	payoneer.com	30	60	+30	+Blacklisted (30pts) +Very Recent Domain (10pts) +Website Phishing (20pts)	Mar 14, 2026
chatbotiawhatsapp.com	whatsapp.com	20	50	+30	+MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 12, 2026
netflixteam.com BLOCKED	netflix.com	70	100	+30	+Blacklisted (30pts)	Mar 19, 2026
indogithubers.net	github.com	20	50	+30	+MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 17, 2026
nobookingfees.online	booking.com	10	40	+30	+MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
bookingdyno.com	booking.com	45	75	+30	+Dangerous Registrar (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 12, 2026
0185-binance.com BLOCKED	binance.com	20	50	+30	+Blacklisted (30pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 14, 2026
binance-inv.com	binance.com	20	50	+30	+MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 13, 2026
p4ypal.net	paypal.com	45	75	+30	+Dangerous Registrar (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 12, 2026

Domain-Level Analysis

Which of your brands are most targeted and carry the highest aggregate risk?

Most Targeted Domains

#	Legitimate Domain	Lookalikes	Avg Risk	High Risk	Threat Level	Response Rate
31	citi.com	219	25	4	Low	3%
32	wechat.com	217	20	2	Low	1%
33	americanexpress.com	215	35	2	Medium	5%
34	walmart.com	214	26	8	Medium	6%
35	slack.com	206	26	6	Medium	1%
36	zoom.us	201	25	1	Low	2%
37	ebay.com	201	20	5	Low	4%
38	twitch.tv	200	20	2	Low	4%
39	asana.com	200	24	0	Low	2%
40	alipay.com	193	22	14	Low	2%

Domain Protection Status

10/10

DMARC Protected (quarantine/reject)

4/10

BIMI Configured (brand logo in inbox)

#	Domain	Lookalikes	DMARC Policy
31	citi.com	219	reject
32	wechat.com	217	quarantine
33	americanexpress.com	215	reject
34	walmart.com	214	reject
35	slack.com	206	reject
36	zoom.us	201	reject
37	ebay.com	201	reject
38	twitch.tv	200	reject
39	asana.com	200	quarantine
40	alipay.com	193	quarantine

Highest Average Risk Domains

#	Legitimate Domain	Avg Risk	Max Risk	Lookalikes	Severity	Response Rate
1	morganstanley.com	37	75	15	Medium	0%
2	mashreq.com	36	75	41	Medium	2%
3	payoneer.com	36	90	151	Medium	5%
4	wellsfargo.com	35	95	106	Medium	29%
5	americanexpress.com	35	80	216	Medium	5%
6	quickbooks.intuit.com	34	80	119	Medium	8%
7	sumup.com	33	85	123	Medium	8%
8	servicenow.com	32	85	104	Medium	4%
9	mizuhogroup.com	32	70	14	Medium	0%
10	airwallex.com	32	90	85	Medium	9%