Strategic Risk Intelligence

Strategic Overview

High-level posture indicators with period-over-period trends

34400

Total Threats

+37.9% vs prior 30d

30859

Active Threats

+39.7% vs prior 30d

10.3%

Neutralized

-3.5pp vs prior 30d

562

Critical Risk

+26.9% vs prior 30d

2393

Emerging (7d)

+8.3% vs prior 30d

Executive Summary

Threat activity has intensified, with total detected threats increasing 37.9% compared to the prior 30-day period. Of 34400 total threats, 562 classified as critical risk and 51.1% are email-capable (impersonation ready). Response posture is a gap requiring attention at 10.3% neutralization, down 3.5pp from the prior period — most identified threats remain unaddressed.

Last updated Apr 22, 2026 14:38

Detection Trends (30 Days)

Threat Composition & Exposure

How mature are detected threats and what systemic exposure do they represent?

Risk Score Distribution

Active High-Risk Domain Age

30.7% of active high-risk threats are less than 30 days old — a leading indicator of active campaigns.

Threat Lifecycle Funnel

Progression from dormant registration to active threat. Domains can appear in multiple stages.

Dormant

30%

10452

Infrastructure Ready

20%

6887

Active (Live)

37%

12600

Weaponized

20%

7005

Confirmed Phishing

961

Neutralized

10%

3541

Infrastructure Intelligence

Which registrars, nameservers, and TLDs are concentrated in your threat landscape?

Top Registrars

Registrar	Count	Avg Risk	Response Rate
GoDaddy.com, LLC	4240	24	2%
Dominet (HK) Limited	1622	27	20%
NAMECHEAP INC	1285	58	3%
NameSilo, LLC	1209	43	21%
HOSTINGER operations, UAB	889	50	8%
Dynadot Inc	765	21	2%
Cloudflare, Inc.	746	44	1%
Spaceship, Inc.	683	22	6%
Dynadot LLC	663	9	29%
TUCOWS.COM, CO.	642	45	2%

Top Nameservers

Nameserver	Count	Avg Risk
ns7.alidns.com., ns8.alidns.com.	1667	31
ns1.afternic.com., ns2.afternic.com.	881	29
dns1.registrar-servers.com., dns2.registrar-servers.com.	875	60
ns1.dns-parking.com., ns2.dns-parking.com.	640	46
nsg1.namebrightdns.com., nsg2.namebrightdns.com.	612	8
ns1.dyna-ns.net., ns2.dyna-ns.net.	515	12
ns1.dnsowl.com., ns2.dnsowl.com., ns3.dnsowl.com.	477	39
ns1.abovedomains.com., ns2.abovedomains.com.	440	36
curitiba.ns.porkbun.com., fortaleza.ns.porkbun.com., maceio.ns.porkbun.com.	391	42
launch1.spaceship.net., launch2.spaceship.net.	388	18

Active Threats & Response

Response effectiveness, emerging threats, and recent risk changes

Response Effectiveness

1991

Taken Down

1735

Blacklisted

3541

Total Neutralized

Takedown Rate 5.8%

Blacklist Rate 5.0%

Neutralization Rate 10.3%

Discovery Method Breakdown

Emerging Threats (Last 7 Days, Risk 50+)

Lookalike Domain	Target Domain	Risk Score	Registrar	Website	Detected
kashiboatbooking.com	booking.com	75	NAMECHEAP INC	Live	1 day, 11 hours ago
booking4d.net	booking.com	75	NameSilo, LLC	Live	2 days, 11 hours ago
africloudlabs.com	icloud.com	75	HOSTINGER operations, UAB	Live	6 days, 10 hours ago
wvvw-lcloud-com.help	icloud.com	75	NameSilo, LLC	Live	6 days, 10 hours ago
whatssapp.bond BLOCKED	whatsapp.com	75	HOSTINGER operations, UAB	Live	1 day, 10 hours ago
shopify-hub.org	shopify.com	75	Cloudflare, Inc.	Live	3 days, 10 hours ago
expediatravelca.com	expedia.com	75	Cloudflare, Inc.	Live	5 days, 10 hours ago
velourabooking.com	booking.com	75	Squarespace Domains II LLC	Offline	3 days, 11 hours ago
jcflore2008icloud.com	icloud.com	75	Cloudflare, Inc.	Live	6 days, 10 hours ago
godaddytoday.net	godaddy.com	75	Cloudflare, Inc.	Live	5 days, 10 hours ago
b4nkkokkaiicloud.icu	icloud.com	75	Cloudflare, Inc.	Live	4 days, 10 hours ago
nrii277472icloud.com	icloud.com	75	Cloudflare, Inc.	Live	6 days, 10 hours ago
l-lcloud.help	icloud.com	75	NameSilo, LLC	Live	2 days, 11 hours ago
vertexstudioroblox.com	roblox.com	75	Squarespace Domains II LLC	Offline	6 days, 10 hours ago
coinbaseservices.com	coinbase.com	75	HOSTINGER operations, UAB	Live	6 days, 10 hours ago

Recent Risk Increases

Not all domains are rescanned. Only domains that pass all skip conditions are rescanned for risk scoring. If any of the following conditions is met, the domain is skipped:

Domain created more than X days ago: 10 days
Domain discovered more than X days ago: 10 days
Risk score unchanged for X days: 10 days

Lookalike Domain	Target Domain	Previous	Current	Change	What Changed	Date
eliteexpertsysanchorvitalcloud.top	icloud.com	65	70	+5	+Website Parked (5pts)	Apr 18, 2026
akilicloud.com	icloud.com	35	40	+5	+Website Parked (5pts)	Apr 13, 2026
globalcloudsupremedriveattain.top	icloud.com	65	70	+5	+Website Parked (5pts)	Apr 18, 2026
checkoutdeveuperdeu.site	checkout.com	35	40	+5	+Website Parked (5pts)	Apr 13, 2026
checkout-deveuperdeu.site	checkout.com	35	40	+5	+Website Parked (5pts)	Apr 13, 2026
binance-recover.com	binance.com	65	70	+5	+Website Parked (5pts)	Apr 13, 2026
v9bet-mobile.com	t-mobile.com	65	70	+5	+Dangerous Registrar (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Parked (5pts)	Apr 10, 2026
santander.exchange	santander.com	0	5	+5	+Website Parked (5pts)	Apr 08, 2026
santander.ltd	santander.com	30	35	+5	+Website Parked (5pts)	Apr 13, 2026
salesforcepakistan.cloud	salesforce.com	70	75	+5	+Dangerous Registrar (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Apr 08, 2026
nationwideheatingandair.store	nationwide.co.uk	35	40	+5	+MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Apr 10, 2026
scalevertexhubexcelfocalcloud.top	icloud.com	65	70	+5	+Website Parked (5pts)	Apr 09, 2026
conferences-booking.org	booking.com	65	70	+5	+Website Parked (5pts)	Apr 13, 2026
rocky-booking.com	booking.com	45	50	+5	+MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Apr 13, 2026
rvbookingus.com	booking.com	35	40	+5	+Website Parked (5pts)	Apr 12, 2026

Domain-Level Analysis

Which of your brands are most targeted and carry the highest aggregate risk?

Most Targeted Domains

#	Legitimate Domain	Lookalikes	Avg Risk	High Risk	Threat Level	Response Rate
61	capitalone.com	163	28	6	Medium	17%
62	nationwide.co.uk	162	28	3	Medium	4%
63	klarna.com	159	27	6	Medium	10%
64	epicgames.com	158	29	13	Medium	10%
65	sumup.com	154	37	17	Medium	7%
66	servicenow.com	154	32	14	Medium	5%
67	xbox.com	153	25	1	Low	1%
68	hsbc.com	143	29	9	Medium	17%
69	skrill.com	139	25	6	Low	12%
70	wellsfargo.com	137	36	14	Medium	30%

Domain Protection Status

10/10

DMARC Protected (quarantine/reject)

5/10

BIMI Configured (brand logo in inbox)

#	Domain	Lookalikes	DMARC Policy
61	capitalone.com	163	reject
62	nationwide.co.uk	162	reject
63	klarna.com	159	reject
64	epicgames.com	158	quarantine
65	sumup.com	154	reject
66	servicenow.com	154	reject
67	xbox.com	153	reject
68	hsbc.com	143	reject
69	skrill.com	139	reject
70	wellsfargo.com	137	reject

Highest Average Risk Domains

#	Legitimate Domain	Avg Risk	Max Risk	Lookalikes	Severity	Response Rate
1	payoneer.com	38	90	176	Medium	5%
2	sumup.com	37	85	154	Medium	7%
3	quickbooks.intuit.com	37	95	190	Medium	8%
4	wellsfargo.com	36	95	137	Medium	30%
5	mashreq.com	35	75	53	Medium	4%
6	airwallex.com	34	90	104	Medium	14%
7	morganstanley.com	33	80	23	Medium	22%
8	mizuhogroup.com	33	70	15	Medium	0%
9	intuit.com	33	100	835	Medium	5%
10	notion.so	32	85	204	Medium	1%