Strategic Risk Intelligence

Strategic Overview

High-level posture indicators with period-over-period trends

33692

Total Threats

+52.4% vs prior 30d

30625

Active Threats

+60.3% vs prior 30d

9.1%

Neutralized

-4.8pp vs prior 30d

538

Critical Risk

+34.6% vs prior 30d

2337

Emerging (7d)

+7.7% vs prior 30d

Executive Summary

Threat activity has intensified, with total detected threats increasing 52.4% compared to the prior 30-day period. Of 33692 total threats, 538 classified as critical risk and 51.6% are email-capable (impersonation ready). Response posture is a gap requiring attention at 9.1% neutralization, down 4.8pp from the prior period — most identified threats remain unaddressed.

Last updated Apr 20, 2026 04:10

Detection Trends (30 Days)

Threat Composition & Exposure

How mature are detected threats and what systemic exposure do they represent?

Risk Score Distribution

Active High-Risk Domain Age

31.5% of active high-risk threats are less than 30 days old — a leading indicator of active campaigns.

Threat Lifecycle Funnel

Progression from dormant registration to active threat. Domains can appear in multiple stages.

Dormant

30%

10268

Infrastructure Ready

20%

6902

Active (Live)

37%

12547

Weaponized

21%

6950

Confirmed Phishing

944

Neutralized

3067

Infrastructure Intelligence

Which registrars, nameservers, and TLDs are concentrated in your threat landscape?

Top Registrars

Registrar	Count	Avg Risk	Response Rate
GoDaddy.com, LLC	4198	24	2%
Dominet (HK) Limited	1457	33	1%
NAMECHEAP INC	1261	58	2%
NameSilo, LLC	1176	43	20%
HOSTINGER operations, UAB	864	50	8%
Dynadot Inc	757	21	3%
Cloudflare, Inc.	731	44	1%
Spaceship, Inc.	679	22	5%
Dynadot LLC	661	9	29%
TUCOWS.COM, CO.	622	45	2%

Top Nameservers

Nameserver	Count	Avg Risk
ns1.systemdns.com., ns2.systemdns.com., ns3.systemdns.com.	72	45
ns07.domaincontrol.com., ns08.domaincontrol.com.	71	24
ns27.domaincontrol.com., ns28.domaincontrol.com.	70	23
ns45.domaincontrol.com., ns46.domaincontrol.com.	70	25
ns11.domaincontrol.com., ns12.domaincontrol.com.	69	23
ns39.domaincontrol.com., ns40.domaincontrol.com.	68	22
ns17.domaincontrol.com., ns18.domaincontrol.com.	68	22
ns49.domaincontrol.com., ns50.domaincontrol.com.	68	19
ns59.domaincontrol.com., ns60.domaincontrol.com.	67	22
ns1.domainmx.com., ns2.domainmx.com.	66	20

Active Threats & Response

Response effectiveness, emerging threats, and recent risk changes

Response Effectiveness

1542

Taken Down

1693

Blacklisted

3067

Total Neutralized

Takedown Rate 4.6%

Blacklist Rate 5.0%

Neutralization Rate 9.1%

Discovery Method Breakdown

Emerging Threats (Last 7 Days, Risk 50+)

Lookalike Domain	Target Domain	Risk Score	Registrar	Website	Detected
secure-binance.com BLOCKED	binance.com	100	HOSTINGER operations, UAB	Live	5 days ago
2facoinbase.com BLOCKED	coinbase.com	100	TUCOWS.COM, CO.	Live	1 day, 14 hours ago
ws-booking.com BLOCKED	booking.com	100	NameCheap, Inc.	Parked	2 days ago
secured-help-coinbase.com BLOCKED	coinbase.com	100	Squarespace Domains II LLC	Parked	5 days ago
bankofamericacomplaint.com BLOCKED	bankofamerica.com	100	Squarespace Domains II LLC	Live	5 days ago
krakensmanagers.com	kraken.com	95	NameSilo, LLC	Parked	2 days ago
replykraken.org	kraken.com	95	NameSilo, LLC	Parked	5 days ago
realcloudhq.com	icloud.com	95	NAMECHEAP INC	Phishing	4 days ago
withrealcloud.com	icloud.com	95	NAMECHEAP INC	Phishing	4 days ago
getrealcloud.com	icloud.com	95	NAMECHEAP INC	Phishing	4 days ago
pay-checkouts.com BLOCKED	checkout.com	95	NAMECHEAP INC	Offline	4 days ago
hsbc-global.com BLOCKED	hsbc.com	90	NameSilo, LLC	Parked	1 day, 12 hours ago
enocparrabooking.com	booking.com	85	Squarespace Domains II LLC	Live	4 days ago
calabasasholdingicloud.com	icloud.com	85	HOSTINGER operations, UAB	Parked	5 days ago
epicgamesip.com	epicgames.com	85	NAMECHEAP INC	Live	5 days ago

Recent Risk Increases

Not all domains are rescanned. Only domains that pass all skip conditions are rescanned for risk scoring. If any of the following conditions is met, the domain is skipped:

Domain created more than X days ago: 10 days
Domain discovered more than X days ago: 10 days
Risk score unchanged for X days: 10 days

Lookalike Domain	Target Domain	Previous	Current	Change	What Changed	Date
appointment-bookings.com	booking.com	65	70	+5	+Dangerous Registrar (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Parked (5pts)	Apr 17, 2026
ironbooking.com	booking.com	65	70	+5	+Website Parked (5pts)	Apr 19, 2026
tools4atlassian.com	atlassian.com	40	45	+5	+MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Parked (5pts)	Apr 19, 2026
servicenows.help	servicenow.com	35	40	+5	+Website Parked (5pts)	Apr 19, 2026
servicenows.click	servicenow.com	35	40	+5	+Website Parked (5pts)	Apr 19, 2026
krakenxgamessweeps2026.com	kraken.com	10	15	+5	+Website Parked (5pts)	Apr 17, 2026
paycheckoutv.com	checkout.com	65	70	+5	+Dangerous Registrar (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Parked (5pts)	Apr 17, 2026
aiagentbooking.com	booking.com	10	15	+5	+Very Recent Domain (10pts) +Website Parked (5pts)	Apr 17, 2026
aiagentbooking.info	booking.com	0	5	+5	+Website Parked (5pts)	Apr 17, 2026
way2whatsappmarketing.com	whatsapp.com	40	45	+5	+Website Parked (5pts)	Apr 18, 2026
replykraken.org	kraken.com	90	95	+5	+Website Parked (5pts)	Apr 19, 2026
helpicloudmail.help	icloud.com	60	65	+5	+Website Parked (5pts)	Apr 19, 2026
coinbaserecover.org BLOCKED	coinbase.com	60	65	+5	+Blacklisted (30pts) +MX Records (15pts) +SPF Records (15pts) +Website Parked (5pts)	Apr 15, 2026
coinbase-team.tech	coinbase.com	65	70	+5	+Dangerous Registrar (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Parked (5pts)	Apr 15, 2026
cloudbooking.app	booking.com	0	5	+5	+Website Parked (5pts)	Apr 19, 2026

Domain-Level Analysis

Which of your brands are most targeted and carry the highest aggregate risk?

Most Targeted Domains

#	Legitimate Domain	Lookalikes	Avg Risk	High Risk	Threat Level	Response Rate
1	booking.com	2853	32	300	Medium	6%
2	icloud.com	2449	31	292	Medium	14%
3	americanexpress.com	1904	31	4	Medium	1%
4	checkout.com	1251	26	54	Medium	7%
5	binance.com	1116	24	45	Low	18%
6	whatsapp.com	1072	20	27	Low	17%
7	shopify.com	947	23	53	Low	2%
8	intuit.com	808	33	79	Medium	4%
9	schwab.com	746	14	10	Low	31%
10	kraken.com	703	29	42	Medium	9%

Domain Protection Status

10/10

DMARC Protected (quarantine/reject)

7/10

BIMI Configured (brand logo in inbox)

#	Domain	Lookalikes	DMARC Policy
1	booking.com	2853	reject
2	icloud.com	2449	quarantine
3	americanexpress.com	1904	reject
4	checkout.com	1251	reject
5	binance.com	1116	quarantine
6	whatsapp.com	1072	reject
7	shopify.com	947	reject
8	intuit.com	808	reject
9	schwab.com	746	reject
10	kraken.com	703	reject

Highest Average Risk Domains

#	Legitimate Domain	Avg Risk	Max Risk	Lookalikes	Severity	Response Rate
71	worldpay.com	25	75	96	Low	5%
72	verizon.com	25	95	244	Low	6%
73	xbox.com	25	75	153	Low	1%
74	airbnb.com	25	90	474	Low	12%
75	docusign.com	25	75	254	Low	13%
76	skrill.com	25	90	138	Low	8%
77	etsy.com	25	95	183	Low	4%
78	bnpparibas.com	25	100	73	Low	7%
79	binance.com	24	100	1116	Low	18%
80	statestreet.com	24	80	69	Low	1%