Strategic Risk Intelligence

Strategic Overview

High-level posture indicators with period-over-period trends

25776

Total Threats

-20.7% vs prior 30d

23526

Active Threats

-25.6% vs prior 30d

8.7%

Neutralized

+2.5pp vs prior 30d

357

Critical Risk

+192.3% vs prior 30d

4334

Emerging (7d)

+2334.8% vs prior 30d

Executive Summary

Threat activity has decreased, with total detected threats declining 20.7% compared to the prior 30-day period. Of 25776 total threats, 357 classified as critical risk and 53.6% are email-capable (impersonation ready). Response posture is a gap requiring attention at 8.7% neutralization, up 2.5pp from the prior period — most identified threats remain unaddressed.

Last updated Mar 26, 2026 11:36

Detection Trends (30 Days)

Threat Composition & Exposure

How mature are detected threats and what systemic exposure do they represent?

Risk Score Distribution

Active High-Risk Domain Age

44.9% of active high-risk threats are less than 30 days old — a leading indicator of active campaigns.

Threat Lifecycle Funnel

Progression from dormant registration to active threat. Domains can appear in multiple stages.

Dormant

30%

7752

Infrastructure Ready

19%

4838

Active (Live)

40%

10280

Weaponized

23%

5900

Confirmed Phishing

680

Neutralized

2250

Infrastructure Intelligence

Which registrars, nameservers, and TLDs are concentrated in your threat landscape?

Top Registrars

Registrar	Count	Avg Risk	Response Rate
GoDaddy.com, LLC	3625	23	1%
NAMECHEAP INC	950	56	1%
NameSilo, LLC	787	43	19%
Dynadot Inc	651	20	1%
Dynadot LLC	598	8	31%
HOSTINGER operations, UAB	587	50	6%
Spaceship, Inc.	524	21	6%
Cloudflare, Inc.	505	39	1%
TurnCommerce, Inc. DBA NameBright.com	480	7	0%
TUCOWS.COM, CO.	417	47	1%

Top Nameservers

Nameserver	Count	Avg Risk
ns1.thednscloud.com., ns2.thednscloud.com.	32	36
ina1.registrar.eu., ina2.registrar.eu., ina3.registrar.eu.	32	16
ns1.afternic.com., ns2.afternic.com., verification-d3jclucsp89ganyqbydeny.ns101.verify.hn.	32	33
dom.ns.cloudflare.com., nelly.ns.cloudflare.com.	31	75
ns1.digitalocean.com., ns2.digitalocean.com., ns3.digitalocean.com.	31	16
elly.ns.cloudflare.com., jaime.ns.cloudflare.com.	30	31
irma.ns.cloudflare.com., mitchell.ns.cloudflare.com.	30	16
ns1.reg.ru., ns2.reg.ru.	30	12
ns1.hyp.net., ns2.hyp.net., ns3.hyp.net.	29	24
everton.ns.cloudflare.com., mona.ns.cloudflare.com.	29	10

Active Threats & Response

Response effectiveness, emerging threats, and recent risk changes

Response Effectiveness

961

Taken Down

1396

Blacklisted

2250

Total Neutralized

Takedown Rate 3.7%

Blacklist Rate 5.4%

Neutralization Rate 8.7%

Discovery Method Breakdown

Emerging Threats (Last 7 Days, Risk 50+)

Lookalike Domain	Target Domain	Risk Score	Registrar	Website	Detected
doordash.work BLOCKED	doordash.com	100	Squarespace Domains II LLC	Parked	2 days, 8 hours ago
nexusaicloud.site	icloud.com	100	NAMECHEAP INC	Phishing	4 days, 7 hours ago
m-coinbase.com BLOCKED	coinbase.com	100	Squarespace Domains II LLC	Parked	8 hours, 12 minutes ago
klarnaco.com BLOCKED	klarna.com	100	Squarespace Domains II LLC	Parked	6 days, 7 hours ago
activate-coinbase.com BLOCKED	coinbase.com	100	HOSTINGER operations, UAB	Parked	5 days, 8 hours ago
binance-live.com BLOCKED	binance.com	100	Squarespace Domains II LLC	Parked	9 hours, 7 minutes ago
lnstagram.fun BLOCKED	instagram.com	100	HOSTINGER operations, UAB	Parked	6 days, 7 hours ago
tdgames.com BLOCKED	td.com	95	Porkbun LLC	Live	6 hours, 45 minutes ago
yourshopifyaudit.com	shopify.com	95	NAMECHEAP INC	Phishing	3 days, 7 hours ago
20icloud.com BLOCKED	icloud.com	95	Tucows Domains Inc.	Offline	7 hours, 41 minutes ago
binarce.com BLOCKED	binance.com	95	NAMECHEAP INC	Offline	6 days, 9 hours ago
quickbooksfraud.biz	quickbooks.intuit.com	95	NameSilo, LLC	Parked	1 day, 7 hours ago
atlasexpedia.com BLOCKED	expedia.com	95	NAMECHEAP INC	Live	8 hours, 22 minutes ago
livesquareup.com BLOCKED	squareup.com	90	TuringSign Inc. d/b/a Cosmotown	Phishing	7 hours, 2 minutes ago
linkshopify.com	shopify.com	90	NAMECHEAP INC	Live	7 hours, 8 minutes ago

Recent Risk Increases

Not all domains are rescanned. Only domains that pass all skip conditions are rescanned for risk scoring. If any of the following conditions is met, the domain is skipped:

Domain created more than X days ago: 10 days
Domain discovered more than X days ago: 10 days
Risk score unchanged for X days: 10 days

Lookalike Domain	Target Domain	Previous	Current	Change	What Changed	Date
exploref1cloudsolutions.com	icloud.com	0	70	+70	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts) +Website Phishing (20pts)	Mar 08, 2026
caofficedropbox.com	dropbox.com	0	65	+65	+Dangerous Email Provider (15pts) +MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 08, 2026
icloud-devlce.com	icloud.com	15	75	+60	+MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 08, 2026
topbet-mobile.com	t-mobile.com	15	75	+60	+MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 08, 2026
instagramadsagency.info	instagram.com	0	60	+60	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts) +Website Phishing (20pts)	Mar 06, 2026
spartanbooking.info	booking.com	0	60	+60	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts) +Website Phishing (20pts)	Mar 08, 2026
barclaysdirect-uk.com	barclays.com	15	75	+60	-	Mar 05, 2026
skrillsswe.com	skrill.com	15	75	+60	+MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 08, 2026
skrillche.com	skrill.com	15	75	+60	+MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 08, 2026
fabhotel-booking.online	booking.com	15	75	+60	+MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 08, 2026
ibis-bookingsindia.online	booking.com	15	75	+60	+MX Records (15pts) +SPF Records (15pts) +Website Live (10pts)	Mar 08, 2026
bsantanderbonds.com	santander.com	10	65	+55	+Dangerous Email Provider (15pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Live (10pts)	Mar 24, 2026
quickbooks-direct.info	quickbooks.intuit.com	0	55	+55	+Dangerous Email Provider (25pts) +MX Records (15pts) +SPF Records (15pts)	Mar 26, 2026
distressbookings.com	booking.com	15	70	+55	+Dangerous Email Provider (25pts) +MX Records (15pts) +SPF Records (15pts) +Very Recent Domain (10pts) +Website Parked (5pts)	Mar 24, 2026
happybookingtravel.com	booking.com	0	55	+55	+Dangerous Email Provider (10pts) +MX Records (15pts) +SPF Records (15pts) +Website Parked (5pts)	Mar 08, 2026

Domain-Level Analysis

Which of your brands are most targeted and carry the highest aggregate risk?

Most Targeted Domains

#	Legitimate Domain	Lookalikes	Avg Risk	High Risk	Threat Level	Response Rate
31	wechat.com	265	20	2	Low	1%
32	godaddy.com	264	19	4	Low	1%
33	canva.com	260	19	4	Low	1%
34	slack.com	247	26	7	Medium	2%
35	walmart.com	242	26	9	Medium	6%
36	ebay.com	240	20	7	Low	4%
37	asana.com	236	25	0	Low	2%
38	zoom.us	217	26	2	Medium	3%
39	workday.com	215	26	10	Medium	2%
40	playstation.com	214	26	8	Medium	3%

Domain Protection Status

10/10

DMARC Protected (quarantine/reject)

5/10

BIMI Configured (brand logo in inbox)

#	Domain	Lookalikes	DMARC Policy
31	wechat.com	265	quarantine
32	godaddy.com	264	reject
33	canva.com	260	reject
34	slack.com	247	reject
35	walmart.com	242	reject
36	ebay.com	240	reject
37	asana.com	236	quarantine
38	zoom.us	217	reject
39	workday.com	215	reject
40	playstation.com	214	reject

Highest Average Risk Domains

#	Legitimate Domain	Avg Risk	Max Risk	Lookalikes	Severity	Response Rate
51	razorpay.com	26	65	35	Medium	3%
52	kraken.com	26	90	492	Medium	8%
53	proton.me	26	85	199	Medium	1%
54	sap.com	26	95	335	Medium	1%
55	workday.com	26	90	215	Medium	2%
56	aliexpress.com	26	85	287	Medium	5%
57	nationwide.co.uk	26	100	144	Medium	3%
58	zoom.us	26	75	217	Medium	3%
59	playstation.com	26	75	214	Medium	3%
60	fedex.com	26	80	125	Medium	7%