Domain cousins are domain names that are similar to a target domain name, but may differ by one or more characters. They can include variations in spelling, punctuation, or the top-level domain (TLD), such as using “.com” instead of “.org”.
Domain cousins can be used in various ways, both legitimate and malicious. For example, a company may register multiple domain names that are similar to their main domain to redirect traffic or protect their brand. However, malicious actors may use domain cousins to impersonate a legitimate domain or website to deceive users and steal sensitive information.
The Silent Push Domain Cousins query searches for certificates with the same domain as the target domain, allowing you to quickly populate a list of your organization's domains based on one simple lookup.
Search for Cousins
Navigate to Advanced Query Builder > Domain Queries > Cousins.
Specify a target domain.
Click Search.
Save queries
Organizational users can save queries for future use or sharing.
Specify query parameters.
Click Save Query.
Provide a Name and Description for context.
Click Save. The query appears in Private Queries.
This prevents traffic redirection to malicious lookalike domains.