---
title: "Search for all certificates related to a domain (Cousin)"
slug: "get-domain-cousins"
description: "The Silent Push Domain Cousins query searches for certificates with the same domain as the target domain, allowing you to quickly populate a list of your organization's domains based off one simple lookup."
tags: ["Certificates", "Domain queries"]
updated: 2025-12-31T15:06:02Z
published: 2025-12-31T15:06:02Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://help.silentpush.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Search for all certificates related to a domain (Cousin)

Domain Cousins are domain names that are similar to a target domain name, but may differ by one or more characters. They can include variations in spelling, punctuation, or the top-level domain (TLD), such as using “.com” instead of “.org”.

Domain cousins can be used in various ways, both legitimate and malicious. For example, a company may register multiple domain names that are similar to their main domain to redirect traffic or protect their brand. However, malicious actors may use domain cousins to impersonate legitimate domains or websites, deceiving users and stealing sensitive information.

The Silent Push **Domain Cousins** query searches for certificates with the same domain as the target domain, allowing you to quickly populate a list of your organization's domains based on one simple lookup.

## Search for Cousins

1. From the left navigation menu, select**Advanced Query Builder >** **Domain Queries > Cousins**.
2. Specify a **target domain**.
3. Click **Search**.

## Save Query

1. Specify query parameters.
2. Click **Save Query**.
3. Provide a **Name** and **Description** for context.
4. Click **Save**. The query appears in [**Private Queries**](https://help.silentpush.com/docs/private-queries).

This prevents traffic from being redirected to malicious lookalike domains.

Domain names similar to a target domain, differing by characters, punctuation, or top-level domain (TLD), are often used maliciously for impersonation and are detected through certificate-based searches.