Strategic Risk Intelligence

Strategic Overview

High-level posture indicators with period-over-period trends

30381

Total Threats

+54.2% vs prior 30d

27609

Active Threats

+56.7% vs prior 30d

9.1%

Neutralized

-2.8pp vs prior 30d

448

Critical Risk

+68.3% vs prior 30d

2444

Emerging (7d)

+12.6% vs prior 30d

Executive Summary

Threat activity has intensified, with total detected threats increasing 54.2% compared to the prior 30-day period. Of 30381 total threats, 448 classified as critical risk and 52.7% are email-capable (impersonation ready). Response posture is a gap requiring attention at 9.1% neutralization, down 2.8pp from the prior period — most identified threats remain unaddressed.

Last updated Apr 09, 2026 01:43

Detection Trends (30 Days)

Threat Composition & Exposure

How mature are detected threats and what systemic exposure do they represent?

Risk Score Distribution

Active High-Risk Domain Age

36.0% of active high-risk threats are less than 30 days old — a leading indicator of active campaigns.

Threat Lifecycle Funnel

Progression from dormant registration to active threat. Domains can appear in multiple stages.

Dormant

30%

9129

Infrastructure Ready

20%

6195

Active (Live)

38%

11479

Weaponized

21%

6483

Confirmed Phishing

835

Neutralized

2772

Infrastructure Intelligence

Which registrars, nameservers, and TLDs are concentrated in your threat landscape?

Top Registrars

Registrar	Count	Avg Risk	Response Rate
GoDaddy.com, LLC	3902	24	2%
NAMECHEAP INC	1120	57	2%
Dominet (HK) Limited	1046	34	1%
NameSilo, LLC	1024	42	19%
Dynadot Inc	709	21	2%
HOSTINGER operations, UAB	707	50	7%
Cloudflare, Inc.	626	42	1%
Dynadot LLC	616	9	31%
Spaceship, Inc.	602	22	5%
TUCOWS.COM, CO.	517	46	2%

Top Nameservers

Nameserver	Count	Avg Risk
ns1.mxmpark.com., ns2.mxmpark.com.	14	5
ns8.wixdns.net., ns9.wixdns.net.	14	48
dns27.hichina.com., dns28.hichina.com.	14	36
ns1.nameshift.com., ns2.nameshift.com., poit15.ns3.nameshift.com.	14	21
lola.ns.cloudflare.com., seamus.ns.cloudflare.com.	14	19
ns1.fastlookup.net., ns2.fastlookup.net.	14	16
amanda.ns.cloudflare.com., greg.ns.cloudflare.com.	14	7
ns1.netim.net., ns2.netim.net., ns3.netim.net.	14	36
ns1.expiereddnsmanager.com., ns2.expiereddnsmanager.com.	14	27
ns1.autolinke.org., ns2.autolinke.org.	14	5

Active Threats & Response

Response effectiveness, emerging threats, and recent risk changes

Response Effectiveness

1360

Taken Down

1568

Blacklisted

2772

Total Neutralized

Takedown Rate 4.5%

Blacklist Rate 5.2%

Neutralization Rate 9.1%

Discovery Method Breakdown

Emerging Threats (Last 7 Days, Risk 50+)

Lookalike Domain	Target Domain	Risk Score	Registrar	Website	Detected
checkoutvistoriaveicular.shop	checkout.com	55	HOSTINGER operations, UAB	Phishing	4 days, 22 hours ago
artframeforinstagram.com	instagram.com	55	HOSTINGER operations, UAB	Phishing	2 days, 22 hours ago
1m1ba7-e8myshopifycom.store	shopify.com	55	-	Offline	1 day, 21 hours ago
kaynhotelbooking.com	booking.com	55	HOSTINGER operations, UAB	Offline	22 hours, 27 minutes ago
checkoutclpz.cloud	checkout.com	55	HOSTINGER operations, UAB	Phishing	2 days, 22 hours ago
instagramselo.site	instagram.com	55	HOSTINGER operations, UAB	Phishing	2 days, 22 hours ago
europa-binance.com	binance.com	55	DYNADOT LLC	Offline	5 days, 7 hours ago
blastthekraken.com	kraken.com	55	Squarespace Domains LLC	Phishing	6 days, 21 hours ago
getgithubspot.org	github.com	55	Cloudflare, Inc.	Phishing	4 days, 22 hours ago
peakscindoorbooking.com	booking.com	55	Cloudflare, Inc.	Phishing	1 day, 22 hours ago
whatsappautochat.com	whatsapp.com	55	HOSTINGER operations, UAB	Phishing	2 days, 21 hours ago
staywisebooking.com	booking.com	55	GoDaddy.com, LLC	Offline	1 day, 22 hours ago
buyiptvpaypal.com	paypal.com	55	HOSTINGER operations, UAB	Phishing	21 hours, 16 minutes ago
nationwidegrps.com	nationwide.co.uk	55	DYNADOT LLC	Offline	2 days, 22 hours ago
theintuitivetaurus.com	intuit.com	55	GoDaddy.com, LLC	Parked	2 days, 22 hours ago

Recent Risk Increases

Not all domains are rescanned. Only domains that pass all skip conditions are rescanned for risk scoring. If any of the following conditions is met, the domain is skipped:

Domain created more than X days ago: 10 days
Domain discovered more than X days ago: 10 days
Risk score unchanged for X days: 10 days

Lookalike Domain	Target Domain	Previous	Current	Change	What Changed	Date
goblinance.com	binance.com	45	100	+55	+Dangerous Email Provider (25pts) +Dangerous Registrar (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 28, 2026
bsantanderbonds.com	santander.com	10	65	+55	+Dangerous Email Provider (15pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 24, 2026
distressbookings.com	booking.com	15	70	+55	+Dangerous Email Provider (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Parked (5pts)	Mar 24, 2026
dropboxify.com	dropbox.com	35	85	+50	+MX Records (15pts) +SPF Records (15pts) +Website Phishing (20pts)	Apr 09, 2026
netflix-us.com BLOCKED	netflix.com	20	70	+50	+MX Records (15pts) +SPF Records (15pts)	Apr 04, 2026
bookinghotelgranfornells.com	booking.com	10	60	+50	+MX Records (15pts) +SPF Records (15pts) +Website Phishing (20pts)	Apr 04, 2026
findmyicloud.pro BLOCKED	icloud.com	10	60	+50	+MX Records (15pts) +SPF Records (15pts)	Apr 03, 2026
aliexpresslogistics.com	aliexpress.com	10	60	+50	+MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Phishing (20pts)	Apr 06, 2026
topsocialbooking.info	booking.com	0	50	+50	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 29, 2026
bookinglk.com	booking.com	15	65	+50	+MX Records (15pts) +SPF Records (15pts)	Apr 01, 2026
bookingadvisor.info	booking.com	0	50	+50	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 22, 2026
retirementadvisorbooking.info	booking.com	0	50	+50	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 22, 2026
smartadvisorbooking.info	booking.com	0	50	+50	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 22, 2026
ziziroblox.com	roblox.com	10	60	+50	+MX Records (15pts) +SPF Records (15pts) +Website Phishing (20pts)	Mar 23, 2026
elitebooking.net	booking.com	35	85	+50	+Dangerous Registrar (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Phishing (20pts)	Mar 15, 2026

Domain-Level Analysis

Which of your brands are most targeted and carry the highest aggregate risk?

Most Targeted Domains

#	Legitimate Domain	Lookalikes	Avg Risk	High Risk	Threat Level	Response Rate
51	okta.com	194	28	5	Medium	5%
52	six-group.com	190	28	6	Medium	0%
53	etsy.com	182	25	7	Low	4%
54	bankofamerica.com	178	31	17	Medium	24%
55	carrefour.com	176	28	6	Medium	9%
56	notion.so	175	32	9	Medium	2%
57	payoneer.com	173	38	35	Medium	4%
58	doordash.com	172	23	9	Low	4%
59	quickbooks.intuit.com	171	37	23	Medium	7%
60	capitalone.com	158	28	5	Medium	16%

Domain Protection Status

8/10

DMARC Protected (quarantine/reject)

5/10

BIMI Configured (brand logo in inbox)

#	Domain	Lookalikes	DMARC Policy
51	okta.com	194	reject
52	six-group.com	190	reject
53	etsy.com	182	reject
54	bankofamerica.com	178	reject
55	carrefour.com	176	none
56	notion.so	175	quarantine
57	payoneer.com	173	reject
58	doordash.com	172	reject
59	quickbooks.intuit.com	171	No record
60	capitalone.com	158	reject

Highest Average Risk Domains

#	Legitimate Domain	Avg Risk	Max Risk	Lookalikes	Severity	Response Rate
1	payoneer.com	38	90	173	Medium	4%
2	quickbooks.intuit.com	37	95	171	Medium	7%
3	sumup.com	37	85	150	Medium	7%
4	airwallex.com	35	90	101	Medium	14%
5	wellsfargo.com	35	95	127	Medium	28%
6	mashreq.com	35	75	51	Medium	4%
7	morganstanley.com	33	75	20	Medium	15%
8	intuit.com	33	100	660	Medium	5%
9	mizuhogroup.com	32	70	14	Medium	0%
10	notion.so	32	85	175	Medium	2%