Strategic Risk Intelligence

Strategic Overview

High-level posture indicators with period-over-period trends

23177

Total Threats

-38.6% vs prior 30d

21109

Active Threats

-43.3% vs prior 30d

8.9%

Neutralized

+2.7pp vs prior 30d

316

Critical Risk

+151.1% vs prior 30d

2281

Emerging (7d)

+1196.0% vs prior 30d

Executive Summary

Threat activity has decreased, with total detected threats declining 38.6% compared to the prior 30-day period. Of 23177 total threats, 316 classified as critical risk and 53.0% are email-capable (impersonation ready). Response posture is a gap requiring attention at 8.9% neutralization, up 2.7pp from the prior period — most identified threats remain unaddressed.

Last updated Mar 25, 2026 03:33

Detection Trends (30 Days)

Threat Composition & Exposure

How mature are detected threats and what systemic exposure do they represent?

Risk Score Distribution

Active High-Risk Domain Age

51.7% of active high-risk threats are less than 30 days old — a leading indicator of active campaigns.

Threat Lifecycle Funnel

Progression from dormant registration to active threat. Domains can appear in multiple stages.

Dormant

31%

7071

Infrastructure Ready

19%

4334

Active (Live)

40%

9170

Weaponized

22%

5113

Confirmed Phishing

555

Neutralized

2068

Infrastructure Intelligence

Which registrars, nameservers, and TLDs are concentrated in your threat landscape?

Top Registrars

Registrar	Count	Avg Risk	Response Rate
GoDaddy.com, LLC	2908	23	1%
NAMECHEAP INC	839	56	2%
NameSilo, LLC	720	42	19%
Dynadot LLC	597	8	31%
Dynadot Inc	580	20	1%
HOSTINGER operations, UAB	543	51	6%
Spaceship, Inc.	486	20	6%
Cloudflare, Inc.	437	38	1%
TUCOWS.COM, CO.	383	47	1%
TurnCommerce, Inc. DBA NameBright.com	367	7	0%

Top Nameservers

Nameserver	Count	Avg Risk
ns1.afternic.com., ns2.afternic.com.	728	29
ns1.dns-parking.com., ns2.dns-parking.com.	569	47
dns1.registrar-servers.com., dns2.registrar-servers.com.	562	58
nsg1.namebrightdns.com., nsg2.namebrightdns.com.	436	7
ns1.abovedomains.com., ns2.abovedomains.com.	424	36
ns1.dyna-ns.net., ns2.dyna-ns.net.	341	11
launch1.spaceship.net., launch2.spaceship.net.	287	16
ns1.dnsowl.com., ns2.dnsowl.com., ns3.dnsowl.com.	284	38
ns1.sedoparking.com., ns2.sedoparking.com.	259	22
ns1.parkingcrew.net., ns2.parkingcrew.net.	249	13

Active Threats & Response

Response effectiveness, emerging threats, and recent risk changes

Response Effectiveness

866

Taken Down

1293

Blacklisted

2068

Total Neutralized

Takedown Rate 3.7%

Blacklist Rate 5.6%

Neutralization Rate 8.9%

Discovery Method Breakdown

Emerging Threats (Last 7 Days, Risk 50+)

Lookalike Domain	Target Domain	Risk Score	Registrar	Website	Detected
tnvroblox.com	roblox.com	55	HOSTINGER operations, UAB	Phishing	1 day, 23 hours ago
bookingvilladalat.com	booking.com	55	NAMECHEAP INC	Phishing	2 days ago
receipttoquickbooks.com	quickbooks.intuit.com	55	NAMECHEAP INC	Phishing	6 days, 23 hours ago
tdsavings.com BLOCKED	td.com	55	Web4Africa Inc.	Live	23 hours, 14 minutes ago
auth-airwallex.click BLOCKED	airwallex.com	55	NameSilo, LLC	Offline	4 days ago
mttaicloud.org	icloud.com	55	101domain GRS Limited	Parked	5 days, 23 hours ago
binancehelp.digital	binance.com	55	-	Offline	3 days ago
squarespacesites.com	squarespace.com	55	GoDaddy.com, LLC	Parked	1 day, 23 hours ago
vnkyc-binance.com	binance.com	55	GMO Internet, Inc.	Offline	6 days ago
egithub.xyz BLOCKED	github.com	55	Xin Net Technology Corp.	Offline	6 days, 23 hours ago
therealjsettesroblox.com	roblox.com	55	Wix.com Ltd.	Phishing	6 days, 23 hours ago
invoicetoquickbooks.com	quickbooks.intuit.com	55	NAMECHEAP INC	Phishing	6 days, 23 hours ago
bookingsuarez.com	booking.com	55	HOSTINGER operations, UAB	Phishing	5 days ago
epicwhatsappotp.com	whatsapp.com	55	HOSTINGER operations, UAB	Phishing	6 days, 23 hours ago
qarebbooking.com	booking.com	55	GoDaddy.com, LLC	Parked	5 days ago

Recent Risk Increases

Not all domains are rescanned. Only domains that pass all skip conditions are rescanned for risk scoring. If any of the following conditions is met, the domain is skipped:

Domain created more than X days ago: 10 days
Domain discovered more than X days ago: 10 days
Risk score unchanged for X days: 10 days

Lookalike Domain	Target Domain	Previous	Current	Change	What Changed	Date
payoneerradio.com	payoneer.com	45	85	+40	+Dangerous Email Provider (10pts) +Dangerous Registrar (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 09, 2026
payoneercommunity.com	payoneer.com	45	85	+40	+Dangerous Email Provider (10pts) +Dangerous Registrar (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 09, 2026
payoneerinternational.com	payoneer.com	45	85	+40	+Dangerous Email Provider (10pts) +Dangerous Registrar (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 09, 2026
payoneerregional.com	payoneer.com	45	85	+40	+Dangerous Email Provider (10pts) +Dangerous Registrar (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 09, 2026
schwab-62.cyou BLOCKED	schwab.com	0	40	+40	+Blacklisted (30pts)	Mar 08, 2026
volandodesdesantander.com	santander.com	10	50	+40	+MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 11, 2026
robloxxmodapk.com	roblox.com	10	50	+40	+MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 08, 2026
capitalonebn.com	capitalone.com	0	40	+40	+MX Records (15pts) +SPF Records (15pts)	Mar 08, 2026
rhu-tampilisan-appointmentbooking.com	booking.com	35	75	+40	+MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 08, 2026
allpayclick.com	alipay.com	10	50	+40	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 12, 2026
nodea.no	nordea.no	10	50	+40	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 12, 2026
burke85icloud.com	icloud.com	35	75	+40	+MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 08, 2026
best-neteller-casinos.net	neteller.com	10	50	+40	+MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 08, 2026
doordashanalytics.com	doordash.com	10	50	+40	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts)	Mar 08, 2026
bookingbuddy-hotels.com	booking.com	20	60	+40	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 06, 2026

Domain-Level Analysis

Which of your brands are most targeted and carry the highest aggregate risk?

Most Targeted Domains

#	Legitimate Domain	Lookalikes	Avg Risk	High Risk	Threat Level	Response Rate
21	td.com	292	25	4	Low	2%
22	chase.com	284	31	11	Medium	6%
23	americanexpress.com	284	36	2	Medium	4%
24	sap.com	273	26	1	Medium	1%
25	aliexpress.com	271	26	4	Medium	4%
26	paypal.com	257	29	15	Medium	33%
27	onedrive.live.com	254	19	1	Low	2%
28	godaddy.com	250	19	3	Low	1%
29	salesforce.com	236	27	6	Medium	3%
30	wechat.com	234	20	2	Low	1%

Domain Protection Status

10/10

DMARC Protected (quarantine/reject)

7/10

BIMI Configured (brand logo in inbox)

#	Domain	Lookalikes	DMARC Policy
21	td.com	292	reject
22	chase.com	284	reject
23	americanexpress.com	284	reject
24	sap.com	273	reject
25	aliexpress.com	271	reject
26	paypal.com	257	reject
27	onedrive.live.com	254	reject
28	godaddy.com	250	reject
29	salesforce.com	236	reject
30	wechat.com	234	quarantine

Highest Average Risk Domains

#	Legitimate Domain	Avg Risk	Max Risk	Lookalikes	Severity	Response Rate
1	morganstanley.com	37	75	15	Medium	0%
2	americanexpress.com	36	80	284	Medium	4%
3	quickbooks.intuit.com	36	85	129	Medium	8%
4	payoneer.com	36	90	153	Medium	5%
5	mashreq.com	36	75	42	Medium	2%
6	wellsfargo.com	35	95	107	Medium	30%
7	sumup.com	33	85	123	Medium	8%
8	mizuhogroup.com	32	70	14	Medium	0%
9	servicenow.com	32	85	104	Medium	4%
10	airwallex.com	32	90	86	Medium	9%