Understanding Your Free Domain Check Results
Our free domain check provides you with a quick scan of similar domains that are potential threats.
If you are interested in conducting a deeper AI-driven scan, subscribe today for access to this service.
DOMAIN EXAMPLE: WWW.ELASTICEMAIL.COM
As in our example, you will be provided with a list of potential threats, along with some information about the domain.
We’ve highlighted the results that are of note for our example business. These domains are very similar to our domain and are worth a review. We would begin by searching the URLs to see if they are legitimate businesses that pose no threat. If you cannot find any information or the results are suspicious, these are potential typosquats or spoof domains that might be used to confuse users or customers.
Most important to review is whether the suspicious domains have MX records set up. If yes, the domain can send or receive emails, making it a high-risk candidate for phishing attempts. Always prioritize monitoring domains with MX records as they have the higher threat potential.
To learn more about a domain click on this button in your results.
A good way to learn more about a domain and its registration is by performing a WHOIS lookup.
If the domain is suspicious, pay attention to certain details to further analyze the threat level. This includes who owns the domain, when it was created, and where it’s hosted. Understanding these details helps you spot warning signs of malicious intent before problems arise.
Domain Creation Date
Shows when the domain was first registered. New domains (registered within days or weeks) are often used for phishing. A brand-new lookalike domain is an immediate red flag.
Updated / Expiry Date
Shows when details were last changed and when the domain will expire.
Frequent updates or short registration periods can suggest disposable or malicious use. Long-term registrations usually indicate legitimacy.
Registrar
The company where the domain was registered (e.g., GoDaddy, Namecheap). Some registrars are favored by spammers or phishing operations. Seeing multiple suspicious domains under the same registrar can reveal a pattern.
Country / Location
Shows where the domain is registered or hosted. If your organization operates in one region but the lookalike is hosted somewhere unexpected or high-risk, treat it with caution.
What to do if you discover a threatening domain
Protect Your Customers
and Team
Alert your security team or IT provider.
Alert your staff to be more vigilant when opening emails and give them a list of the suspicious domains to watch for.
Update your email filters and firewall rules to block the suspicious domain.
If phishing emails have been sent, warn your customers through verified channels (social media, newsletters, or direct communication).
Consider setting up DMARC, SPF, and DKIM on your legitimate domain to prevent spoofing.
Evaluate the Risk Level
High Risk: Active website, MX records, mimics your brand
Recommended Action: Report immediately to registrar and hosting provider. Consider issuing a takedown notice.
Medium Risk: Domain is live but not yet active for email or brand use.
Recommended Action: Add to monitoring list. Watch for changes in activity or DNS records.
Low Risk: Domain inactive, no hosting or MX record
Recommended Action: Log and monitor periodically for updates.
Take Protective Action
Report the domain to its registrar (you can find this in the WHOIS record). Most registrars have abuse reporting forms, look for an “Abuse Contact Email” in the WHOIS data.
If the domain is sending phishing emails, report it to major email providers (Google, Microsoft, etc.) via their phishing report forms.
Contact the hosting provider if the site is live and impersonating your brand request a takedown under brand impersonation or phishing policies.
If the domain uses your trademarks or logos, submit a trademark complaint to the registrar or ICANN.
Monitor and Follow Up
Add the domain to your DNS Twister monitoring list to track any changes in hosting or mail activity. Tracking domains is a feature of the paid subscription plans, sign up below for access.
Set reminders to recheck the WHOIS and DNS records weekly.
Keep records of your reports and communications with registrars or hosts for follow-up.