Fenix International Limited, owner of the social media platform OnlyFans, successfully secured the transfer of the disputed domain onlyfriendsfans.fun in a WIPO UDRP proceeding. The sole panelist ruled that the respondent, Dammika Pathirana, registered and used the domain in bad faith without any legitimate rights. The decision prevents potential customer confusion among the platform’s massive global user base.
Case Snapshot
| Case Number | D2025-5144 |
|---|---|
| Complainant | Fenix International Limited |
| Respondent | Dammika Pathirana |
| Disputed Domain | onlyfriendsfans.fun |
| Threat Tactic | Brand Plus Keyword |
| Decision Date | 2026-01-28 |
| Panelist | Pablo A. Palazzi |
| Outcome | Transfer |
| Official Source | https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2025-5144 |
Brand-Adjacent Spoofing and the Vulnerability of Massive Digital Communities
The registration of onlyfriendsfans.fun on September 17, 2025, by Respondent Dammika Pathirana, illustrates the strategic risk posed by brand-plus-keyword tactics targeting high-traffic platforms. Fenix International Limited, owner of the ONLYFANS trademark (including UK Registration No. UK00917912377, registered on January 9, 2019), operates a social media network that grew to exceed 305 million registered users in 2025. By combining the famous mark with confusingly similar terms under a default WordPress installation titled ‘Only Friends’, the Respondent established an unauthorized brand-adjacent touchpoint. Although the domain resolved to a default hosting landing page with no substantive content, this passive holding pattern represents a volatile threat that risks diluting the distinctive nature of the Complainant’s brand.
From a customer trust perspective, brand-adjacent domains present immediate operational risks to security and support teams. While the record contains no evidence of active email campaigns or direct fraud initiated from this specific domain, the potential for credential harvesting or phishing remains a continuous threat. Unsuspecting creators and subscribers could easily mistake an ‘Only Friends’ variant for an official affiliate or secondary platform. If a domain like onlyfriendsfans.fun is left unchecked and subsequently transitions into an active threat vector, the resulting security incidents can significantly escalate customer support overhead, increase trust-building expenses, and damage user confidence within the brand’s primary digital ecosystem.
UDRP Panel Analysis of Confusing Similarity, Legitimate Interests, and Bad Faith
Under Paragraph 4(a)(i) of the UDRP Policy, the Panelist, Pablo A. Palazzi, assessed the threshold standing requirement by comparing the Complainant’s trademark and the disputed domain name. Fenix International Limited established statutory rights in the ONLYFANS mark through its prior registrations, including UK Registration No. UK00917912377. The Panelist determined that the disputed domain name, onlyfriendsfans.fun, is confusingly similar to the Complainant’s mark. The insertion of the word ‘friends’ between ‘only’ and ‘fans’ does not prevent a finding of confusing similarity, as the underlying mark remains clearly recognizable within the disputed domain.
Regarding Paragraph 4(a)(ii) of the Policy, the Panel determined that the Respondent, Dammika Pathirana, had no rights or legitimate interests in respect of the disputed domain name. The Complainant has not authorized, licensed, or otherwise permitted the Respondent to use its ONLYFANS trademark. Furthermore, the Respondent is not commonly known by the disputed domain name and failed to submit any formal response to rebut the Complainant’s prima facie case. The domain resolved to a default WordPress installation with the title ‘Only Friends’ and no other substantive content, which fails to constitute a bona fide offering of goods or services or a legitimate non-commercial or fair use.
In analyzing bad faith under Paragraph 4(a)(iii) of the Policy, the Panelist emphasized the global renown of the ONLYFANS trademark, which represented a platform with more than 305 million registered users in 2025. Given this extensive user base and the distinctiveness of the mark, the Respondent must have been aware of the Complainant’s business when registering the domain in September 2025. The passive holding of the disputed domain under a default WordPress setup does not prevent a finding of bad faith. Instead, the incorporation of the trademark alongside a minor variation indicates an intent to attract internet users by exploiting the fame of the Complainant’s brand.
For brand owners and IP professionals, this decision underscores the strategic value of proactive UDRP enforcement against brand-plus-keyword variations before they are deployed in active campaigns. While there is no evidence that onlyfriendsfans.fun was used for active phishing or credential harvesting, the passive holding of a confusingly similar domain presents ongoing risks to customer support teams and platform integrity. By securing a transfer prior to any active threat deployment, brand owners effectively mitigate the threat of brand dilution and avoid the administrative overhead associated with addressing customer confusion.
Strategic Preemption of Brand-Plus-Keyword and Passive Holding Threats
Fenix International Limited’s successful enforcement strategy relied on establishing a strong temporal priority and demonstrating the global renown of the ONLYFANS mark. By presenting United Kingdom Registration No. UK00917912377, registered on January 9, 2019, the Complainant proved its rights predated the registration of onlyfriendsfans.fun on September 17, 2025, by more than six years. Additionally, the Complainant reinforced its case by referencing its massive operational scale of over 305 million registered users in 2025, alongside a track record of over 150 past favorable WIPO decisions. This substantial evidence of brand recognition made the Respondent’s default even more damaging to their position, as the Panel could easily infer that the Respondent registered the domain with full awareness of the ONLYFANS mark.
The case highlights how brand owners can successfully combat brand-plus-keyword domains even when they are held passively. Although onlyfriendsfans.fun merely resolved to a default WordPress installation with the title ‘Only Friends’ and no active phishing or email campaigns were documented, the Complainant did not wait for active fraud to occur. Securing a transfer under these circumstances demonstrates that passive holding of highly similar brand variants constitutes bad faith when the underlying trademark is extensively well-known. Proactively securing these adjacent domains mitigates the risk of credential harvesting and brand dilution, ultimately protecting the platform’s massive global user base and reducing customer support overhead.
Practical Recommendations
- Implement proactive domain monitoring systems configured to flag ‘brand-plus-keyword’ variations (such as inserting generic terms like ‘friends’ alongside core trademarks) specifically targeting alternative gTLDs like ‘.fun’.
- Initiate swift UDRP actions against confusingly similar domains even if they resolve to default WordPress or ‘under construction’ pages, citing established panel consensus that passive holding of a highly famous mark constitutes bad faith.
- Leverage and document a robust track record of previous UDRP victories and registered trademark portfolios in complaints to establish a clear pattern of brand fame and facilitate expedited decisions when respondents default.
- Integrate flagged brand-adjacent domains into internal threat intelligence feeds to alert customer support and trust-and-safety teams of potential lookalike channels before they can be weaponized for phishing or credential harvesting.
- Incorporate high-risk generic TLDs into defensive registration strategies for core brand terms, limiting the availability of low-cost, high-reach domains to unauthorized registrants seeking to exploit massive user bases.
Frequently Asked Questions (FAQ)
Why was the domain ‘onlyfriendsfans.fun’ considered confusingly similar to the OnlyFans trademark?
The Panel determined that the disputed domain creates a high risk of confusion by incorporating the ‘ONLYFANS’ mark alongside the term ‘onlyfriends’, leveraging the phonetic and structural similarity to the Complainant’s globally recognized social media brand.
What evidence did the Panel use to establish bad faith, given the site only contained a default WordPress installation?
The Panel concluded that the registration and passive holding of the domain constituted bad faith, citing the significant renown of the ONLYFANS mark and the fact that the Respondent offered no legitimate justification or response for its activities.
Did the Respondent provide any evidence of rights or legitimate interests in the domain?
No. The Respondent failed to submit a formal response to the Complainant’s contentions throughout the administrative proceeding, leading the Panel to find that the Respondent possessed no rights or legitimate interests in the disputed domain.
How does this decision protect the OnlyFans community?
By securing the transfer of the domain, Fenix International Limited successfully mitigates the risk of potential phishing, credential harvesting, or brand dilution, thereby safeguarding its 305 million registered users from deceptive brand-adjacent touchpoints.
Stop Brand-Plus-Keyword Abuse
Protect your digital presence from unauthorized domains that leverage your trademark to mimic your platform. Our experts can help you assess and address brand-plus-keyword risks before they impact your users.
This case note is for informational purposes only and is not legal advice.



