Solutions · Lookalike domains
Take down lookalike domains before customers find them.
Someone registers yourbrand-official.shop tonight, clones your storefront, and starts harvesting your customers' cards under your name. Brand Protector predicts the lookalikes before they exist, watches them daily, and routes the takedown to the registrar's abuse desk the day one turns hostile.
$199/mo or $1,499/yr · 7-day free trial · card upfront, no charge until day 8 · ~10-minute setup
- dnstwist-class permutation prediction, plus Certificate Transparency watch
- Daily DNS checks — alerted the day a watched domain registers
- Registrar abuse routing via WHOIS + RDAP, even on .shop and .xyz
What it costs you
A lookalike domain is rarely just parked.
Phished customers, your blame
A cloned checkout on a typo domain harvests cards under your name. Victims don't email the registrar — they post about you, and they tell their banks it was you.
Diverted traffic, paid and organic
Typosquats sit on the misspellings your customers actually make. Whatever's hosted there — affiliate spam, a competitor, a scam — collects type-in and search traffic you earned.
The cost curve of waiting
An unregistered permutation costs a few dollars a year to own outright. A live abusive one costs registrar-takedown timelines — and the stubborn cases escalate to UDRP or counsel.
How it works
How it works for your domain.
Prediction first, watching second, takedowns when they're warranted.
Point us at your domain
We generate the permutation set for your brand domain — typos, homoglyphs, hyphen variants, TLD swaps — and check what's already registered. First scan runs at activation; first results typically land in ~30 minutes.
~10-minute setup · first results in ~30 min
Live ones get scored, empty ones get watched
Registered lookalikes are classified — parked, storefront clone, phishing — and scored into your inbox. High-risk unregistered permutations go onto a daily DNS watch. Full coverage lands overnight.
Classification + scoring · daily DNS watch
When one lights up, you're first to know
The day a watched domain registers, you get the alert — inbox, Slack, webhook, audit trail. If it turns abusive, the takedown is pre-routed to that domain's registrar abuse desk with the evidence pack attached.
Registration alerts · registrar-routed takedowns
The machinery
Prediction, watching, and routing — the full loop.
Most tools alert you after a fake site is live. The cheaper interventions all happen earlier.
Permutation prediction, dnstwist-class
Deterministic typo, homoglyph, and TLD-swap permutations of your domain — the brandprotectör.io class included — plus Certificate Transparency log monitoring to catch composites no generator predicts, like yourbrand-official.shop appearing in a fresh TLS certificate.
dnstwist permutations · crt.sh CT monitoring
Daily DNS watch on the dangerous ones
Unregistered permutations ranked by risk go on watch. We re-resolve them daily; the moment one transitions to registered you get an inbox entry, a Slack alert, and an audit-trail row — usually before it has any content.
Daily re-resolution · Slack + webhook + audit alerts
Registrar-resolved takedown routing
Domain takedowns die when they're sent to the wrong desk. We resolve the actual registrar via WHOIS with an RDAP fallback — which works on .shop, .top, .xyz and the newer TLDs — and pre-address the abuse notice to that registrar's abuse contact, with the evidence pack attached.
WHOIS + RDAP · abuse-desk table · pre-filled notice
A defensive-registration plan, as a PDF
One click generates a ranked plan of your most-likely-to-be-squatted unregistered permutations, with estimated registration cost and a registration deep-link per domain. The cheapest takedown is the domain you bought first — hand the plan to whoever holds the company card.
Risk-ranked · cost-estimated · one-page PDF
The honest part
What a domain takedown can and can't do.
Registrar abuse desks move on their own timelines — cooperative ones in about two days, typical cases within two weeks, and a few simply don't respond. We route the notice to the right desk and track the clock, but no tool can force a registrar's hand. That's why prediction and defensive registration sit in front of takedowns here, not behind them.
A parked lookalike with no content usually isn't actionable — most abuse policies require active harm like phishing or counterfeit sales. We say so instead of filing a notice that will bounce: parked domains stay on watch, and the case upgrades the day they turn hostile. For the genuinely stubborn cases, UDRP or counsel is beyond the product — but the evidence pack you hand them isn't.
Versus the field
Versus the enterprise suites.
| Brand Protector | Red Points · MarqVision · BrandShield | |
|---|---|---|
| Price | $199/mo or $1,499/yr, public pricing | Typically $10k+/yr (estimated) — 10–50× more |
| Buying process | Self-serve — no sales call, cancel anytime | Sales-led demos, quotes, annual minimums |
| Coverage model | Permutation prediction + CT logs + daily DNS watch | Comparable domain monitoring, analyst-operated |
| Takedown routing | WHOIS + RDAP-resolved registrar abuse desks, you approve | Analyst-routed on your behalf |
Enterprise pricing estimated — none of the three publishes a price page. Full feature-by-feature breakdowns: /compare.
Disclosed proof · the founder’s own brand
The first deployment is Wuffes — a pet-supplement brand on Amazon US, run by the same founder (we tell you that up front). Brand Protector was built inside it; in its first 30 days there it filed 47 takedowns and 38 listings came down. Read the case study →
Objections, welcome
Questions, answered straight.
- We already own our .com — why would we need this?
- Owning your domain doesn't stop anyone registering six hundred variants of it. The risk isn't your domain — it's every permutation a customer might trust: the swapped letter, the added hyphen, the .shop twin. Prediction maps that space; the daily watch tells you the day any of it becomes real.
- Can you take down a lookalike domain that's just parked?
- Usually not, and we won't pretend otherwise. Registrar abuse policies generally require active harm — phishing, counterfeit sales, credential harvesting — and a parked page with no content rarely qualifies. Parked lookalikes stay on watch instead, and the case escalates with evidence the day real content appears.
- How long does a registrar takedown actually take?
- Cooperative registrars act in about two days; typical cases resolve within two weeks; a slow tail takes a month or never responds. We track each notice against those expectations and keep the status visible. It's also why the product pushes defensive registration first — the domains you own need no takedown at all.
- Do you catch homoglyph and IDN lookalikes?
- Yes. The permutation engine generates homoglyph variants — the brandprotectör.io class, where a single character is swapped for a visually identical one — alongside typos, hyphenations, and TLD swaps. Certificate Transparency monitoring then catches composite names that no permutation generator would predict.
- Should we just defensively register everything instead?
- No — registering every permutation is a money pit, and most are harmless. The defensive-registration PDF ranks your permutations by risk with estimated costs, so you buy the high-risk handful outright and leave the long tail on the free daily watch. Own what matters; watch the rest.
Know your lookalikes before they're registered.
Point Brand Protector at your domain tonight — the permutation map and first results land in about 30 minutes.
7-day free trial · card required, no charge until day 8 · cancel in-app