Domain Cousins are domain names that are similar to a target domain name, but may differ by one or more characters. They can include variations in spelling, punctuation, or the top-level domain (TLD), such as using “.com” instead of “.org”.
Domain cousins can be used in various ways, both legitimate and malicious. For example, a company may register multiple domain names that are similar to their main domain to redirect traffic or protect their brand. However, malicious actors may use domain cousins to impersonate legitimate domains or websites, deceiving users and stealing sensitive information.
The Silent Push Domain Cousins query searches for certificates with the same domain as the target domain, allowing you to quickly populate a list of your organization's domains based on one simple lookup.
Search for Cousins
From the left navigation menu, select Advanced Query Builder > Domain Queries > Cousins.
Specify a target domain.
Click Search.
Save Query
Specify query parameters.
Click Save Query.
Provide a Name and Description for context.
Click Save. The query appears in Private Queries.
This prevents traffic from being redirected to malicious lookalike domains.