OSINT · Domain Intelligence
Generate thousands of domain typos and lookalikes, then instantly check which ones are registered, resolve in DNS, run email infrastructure, expose Azure tenants, or hold SSL certificates — all from your browser.
Enter a domain to scan
| Domain | Fuzzer | DNS Status | Registered / Registrar | MX Provider | Intel | Risk | Actions |
|---|
Detects registered lookalike domains that attackers use to harvest credentials, intercept email, or redirect users — classic vectors for BEC and supply-chain attacks.
Finds domains that impersonate your brand across TLDs and common misspellings — useful for legal teams building takedown cases or proactive brand monitoring.
Checks whether a lookalike domain has an active Microsoft 365 / Azure AD tenant — a strong indicator of a targeted attack or corporate espionage attempt via email spoofing.
Uncovers domains parking on your brand's traffic, scraping your content, or ranking in search via lookalike URLs — costing you visits, revenue, and reputation.
Lookalike domains with live MX records are high-risk — they can receive misdirected email containing sensitive business data. Fingerprints the mail provider for further investigation.
Queries Certificate Transparency logs via crt.sh to find TLS certificates issued for lookalike domains — often the first sign a phishing site is being stood up.
Responsible Use: SquatWatch is designed for legitimate security research, brand protection, penetration testing with authorisation, and defensive threat intelligence. Do not use this tool to conduct unauthorised attacks, register infringing domains, or harass individuals or organisations. Scanning is subject to rate limits. All lookups are logged anonymously for abuse prevention.