Domain cousins are domain names that are similar to a target domain name, but may differ by one or more characters. They can include variations in spelling, punctuation, or the top-level domain (TLD), such as using ".com" instead of ".org".
Domain cousins can be used in various ways, both legitimate and malicious. For example, a company may register multiple domain names that are similar to their main domain in order to redirect traffic or protect their brand. However, malicious actors may use domain cousins to impersonate a legitimate domain or website in order to deceive users and steal sensitive information.
The Silent Push Domain Cousins query searches for certificates with the same domain as the target domain, allowing you to quickly populate a list of your organization's domains based off one simple lookup.
-
Navigate to
Advanced Query Builder > Domain Queries > Cousins -
Specify a
domainthat acts as the target domain -
Click
Search
Saving queries
Organizational users are able to save individual queries ran from Advanced Query Builder, and store them in the Private Queries menu for future analysis, or to share with their organization.
-
Specify the query parameters
-
Click
Save Query -
Give your query a
Name -
Specify a
Descriptionto add more context -
Click
Save