Detect brand-imitating domains before they harm your users. CT log monitoring, typosquatting detection, DNS/WHOIS enrichment.
Real-time monitoring of Certificate Transparency logs for newly issued certificates matching your brands.
Generate and check domain permutations: homoglyphs, transpositions, additions, and keyword inserts.
Automatic collection of DNS records, WHOIS data, TLS certificate details for each candidate.
Multi-factor score: similarity (35%), freshness (20%), infrastructure (25%), content (20%).
Export confirmed threats as JSON, CSV, or STIX format. Integrate into your security stack.
Get instant notifications when high-risk domains are detected for your monitored brands.
Add your brands with primary domains and categories to the monitoring system.
Celery workers scan CT logs and generate domain permutations 24/7 in the background.
Each candidate domain is enriched with DNS, WHOIS, TLS data and assigned a risk score.
Review pending domains, confirm phishing, export to threat feed, trigger takedown.
/api/domainwatch/v1/candidatesRequest
GET /api/domainwatch/v1/candidates ?min_score=70 &risk_level=high &status=pending &limit=10 Headers: X-Admin-Key: your_admin_key
Response
{
"candidates": [
{
"domain": "privatbank-ua.com",
"risk_score": 92,
"risk_level": "critical",
"target_brand": "PrivatBank",
"similarity": 0.89,
"registered": "2026-02-25"
}
],
"total": 47
}24/7
Monitoring
100+
Brands protected
<2s
Detection time
STIX
Feed format
Start monitoring your domains for brand impersonation today.
Get started free β