Quickstart guide

Getting started with Have I Been Squatted

This guide covers how to start using Have I Been Squatted to protect domains from typosquatting and brand impersonation.

What is Have I Been Squatted?

Have I Been Squatted is a typosquatting detection tool that surfaces domain impersonation for review before it becomes a security or reputational concern.

Quick Domain Lookup

1. Open haveibeensquatted.com.
2. Enter the domain name in the search box (for example example.com).
3. Choose Lookup to start the analysis.

Tip

For the best results, use the primary domain name without subdomains (for example company.com instead of www.company.com).

Understanding results

Lookup results include:

1. Permutations: Variants of the searched domain that could be typosquatted
2. IP Information: Details about where suspicious domains are hosted
3. Classification: Risk assessment for each domain variant
4. Registration data: WHOIS or Registration Data Access Protocol (RDAP) data for active domains

Taking action

When suspicious domains appear in results:

1. Review Classifications: Focus on domains marked with high phishing probability
2. Examine IP Data: Check if suspicious domains are hosted on known malicious infrastructure
3. Document Findings: Export results in JSON or CSV format for further analysis
4. Take Action: Consider domain takedowns for high-risk impersonations

Caution

Some features require Have I Been Squatted Plus or Pro. Plus and Pro add advanced capabilities such as geographic IP enrichment, NXDOMAIN checks, WHOIS or Registration Data Access Protocol (RDAP) registration data, and phishing detection.