Check your domain's security in seconds
Paste your domain. We scan for lookalike and typosquat domains, check your DMARC, SPF, and DKIM, and look up your reputation across block lists. No signup required.
Enter your domain
No account, no payment, no email required.
We scan lookalikes
Up to 150 of the highest-signal typosquat, digit bitsquat, TLD swap, and homoglyph variants, checked for DNS and MX records.
See the risky ones
A summary of registered lookalikes targeting your brand, ranked by risk.
What this lookalike domain scanner does
This lookalike domain scanner takes your domain and generates the variants an attacker would register to impersonate you: typosquats (one-character slips), bitsquats, TLD swaps (your name on a different ending), and homoglyphs (letters that look identical but are not). It then checks the highest-signal variants for live DNS and mail records, so you see which lookalikes are not just possible but already registered.
Why it matters
Lookalike domains are the launch pad for phishing and brand impersonation. An attacker registers a name a customer or employee will not look at twice, then sends mail or hosts a fake login page from it. Seeing the registered lookalikes around your brand is how you know whether someone has already set up the infrastructure to spoof you.
How to read the result
The scan surfaces the lookalikes that resolve or accept mail, ranked by risk, alongside your email authentication posture (DMARC, SPF, DKIM) and reputation signals. A variant with DNS and MX records is worth attention; one with nothing published is lower priority. This is a one-shot snapshot, so a clean result today does not prevent a new registration tomorrow.
Related
- How to find lookalike domains, the method behind this scan.
- What typosquatting is and how the variant techniques work.
- DMARC Record Checker and the rest of the free email security tools to harden the records this scan reports on.