Strategic Risk Intelligence

Strategic Overview

High-level posture indicators with period-over-period trends

30029

Total Threats

+57.3% vs prior 30d

27309

Active Threats

+60.2% vs prior 30d

9.1%

Neutralized

-2.9pp vs prior 30d

440

Critical Risk

+76.1% vs prior 30d

2590

Emerging (7d)

+20.6% vs prior 30d

Executive Summary

Threat activity has intensified, with total detected threats increasing 57.3% compared to the prior 30-day period. Of 30029 total threats, 440 classified as critical risk and 52.9% are email-capable (impersonation ready). Response posture is a gap requiring attention at 9.1% neutralization, down 2.9pp from the prior period — most identified threats remain unaddressed.

Last updated Apr 07, 2026 18:24

Detection Trends (30 Days)

Threat Composition & Exposure

How mature are detected threats and what systemic exposure do they represent?

Risk Score Distribution

Active High-Risk Domain Age

37.2% of active high-risk threats are less than 30 days old — a leading indicator of active campaigns.

Threat Lifecycle Funnel

Progression from dormant registration to active threat. Domains can appear in multiple stages.

Dormant

30%

8994

Infrastructure Ready

20%

6111

Active (Live)

38%

11413

Weaponized

21%

6443

Confirmed Phishing

821

Neutralized

2720

Infrastructure Intelligence

Which registrars, nameservers, and TLDs are concentrated in your threat landscape?

Top Registrars

Registrar	Count	Avg Risk	Response Rate
GoDaddy.com, LLC	3884	24	2%
NAMECHEAP INC	1109	57	2%
NameSilo, LLC	1001	42	19%
Dominet (HK) Limited	976	34	1%
Dynadot Inc	701	21	2%
HOSTINGER operations, UAB	686	50	6%
Cloudflare, Inc.	622	42	1%
Dynadot LLC	614	9	30%
Spaceship, Inc.	597	22	5%
TUCOWS.COM, CO.	503	46	2%

Top Nameservers

Nameserver	Count	Avg Risk
a6.share-dns.com., b6.share-dns.net.	24	12
amir.ns.cloudflare.com., phoenix.ns.cloudflare.com.	24	10
ns1.judns.com., ns2.judns.com.	24	13
dns21.hichina.com., dns22.hichina.com.	23	31
ns111373.ztomy.com., ns211373.ztomy.com.	23	34
dns19.hichina.com., dns20.hichina.com.	23	36
ns1.netnames.net., ns2.netnames.net., ns5.netnames.net.	23	19
a.dns.gandi.net., b.dns.gandi.net., c.dns.gandi.net.	23	25
ns01.trademarkarea.com., ns02.trademarkarea.com., ns03.trademarkarea.com.	23	10
artemis.dns-parking.com., hermes.dns-parking.com.	23	48

Active Threats & Response

Response effectiveness, emerging threats, and recent risk changes

Response Effectiveness

1316

Taken Down

1556

Blacklisted

2720

Total Neutralized

Takedown Rate 4.4%

Blacklist Rate 5.2%

Neutralization Rate 9.1%

Discovery Method Breakdown

Emerging Threats (Last 7 Days, Risk 50+)

Lookalike Domain	Target Domain	Risk Score	Registrar	Website	Detected
banzbooking.com	booking.com	50	Realtime Register B.V.	Live	1 day, 15 hours ago

Recent Risk Increases

Not all domains are rescanned. Only domains that pass all skip conditions are rescanned for risk scoring. If any of the following conditions is met, the domain is skipped:

Domain created more than X days ago: 10 days
Domain discovered more than X days ago: 10 days
Risk score unchanged for X days: 10 days

Lookalike Domain	Target Domain	Previous	Current	Change	What Changed	Date
allbookings.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
askbookings.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
upbookings.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
justbookings.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
bookingapp.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
gobookings.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
topbooking.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
nowbooking.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
getbookings.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
bookingpath.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
bookingbase.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
bookingzone.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
usebooking.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
bookingway.shop	booking.com	10	40	+30	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 19, 2026
binance123.com BLOCKED	binance.com	20	50	+30	+Blacklisted (30pts)	Mar 26, 2026

Domain-Level Analysis

Which of your brands are most targeted and carry the highest aggregate risk?

Most Targeted Domains

#	Legitimate Domain	Lookalikes	Avg Risk	High Risk	Threat Level	Response Rate
1	booking.com	2299	31	239	Medium	6%
2	icloud.com	1969	31	226	Medium	15%
3	americanexpress.com	1383	32	2	Medium	1%
4	checkout.com	1105	26	43	Medium	8%
5	binance.com	950	23	31	Low	19%
6	whatsapp.com	931	20	22	Low	15%
7	shopify.com	808	22	38	Low	2%
8	schwab.com	730	14	8	Low	32%
9	intuit.com	655	32	63	Medium	4%
10	wise.com	614	27	9	Medium	2%

Domain Protection Status

10/10

DMARC Protected (quarantine/reject)

7/10

BIMI Configured (brand logo in inbox)

#	Domain	Lookalikes	DMARC Policy
1	booking.com	2299	reject
2	icloud.com	1969	quarantine
3	americanexpress.com	1383	reject
4	checkout.com	1105	reject
5	binance.com	950	quarantine
6	whatsapp.com	931	reject
7	shopify.com	808	reject
8	schwab.com	730	reject
9	intuit.com	655	reject
10	wise.com	614	reject

Highest Average Risk Domains

#	Legitimate Domain	Avg Risk	Max Risk	Lookalikes	Severity	Response Rate
1	payoneer.com	38	90	172	Medium	4%
2	sumup.com	37	85	150	Medium	7%
3	quickbooks.intuit.com	37	95	171	Medium	7%
4	wellsfargo.com	36	95	127	Medium	27%
5	airwallex.com	35	90	101	Medium	14%
6	mashreq.com	35	75	51	Medium	4%
7	morganstanley.com	33	75	20	Medium	15%
8	intuit.com	32	100	655	Medium	4%
9	mizuhogroup.com	32	70	14	Medium	0%
10	servicenow.com	32	85	128	Medium	4%