5 May, 2026

Extortionate Resale Attempt for Sodexo .top Domains Fails at WIPO

UDRP Cases

Sodexo successfully secured the transfer of three domains, including sodexo.top, from respondent Ibrahim Mueller. The domains were registered in late 2025 and listed for sale at an asking price exceeding 1.9 million Euros. The WIPO panelist found the respondent acted in bad faith for the purpose of resale and rejected a counter-claim of reverse domain name hijacking.

Case Snapshot

Case Number D2025-5070
Complainant Sodexo
Respondent Ibrahim Mueller
Disputed Domain
sod-exo.topsodexo.top
Threat Tactic Ransom or Resale
Decision Date 2026-01-17
Panelist Jeremy Speres
OutcomeTransfer
Official Source https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2025-5070

Financial Extortion and Portfolio Vulnerabilities in the .top Registry

The registration of sodexo.top and sod-exo.top highlights a high-value financial extortion risk aimed at established global brands. In this instance, the respondent leveraged the well-known status of the SODEXO mark to list the disputed domains on a public marketplace for EUR 1,977,777.77. This valuation, which reached over 2.2 million USD by the time of the decision, demonstrates an intent to secure a payout far exceeding any reasonable out-of-pocket registration costs. By utilizing privacy services to shield their identity until the registrar verification stage, the respondent successfully maintained a barrier to informal resolution, forcing the brand owner into formal UDRP proceedings to recover their intellectual property.

This case underscores a critical vulnerability in defensive registration strategies, particularly regarding generic Top-Level Domains (gTLDs) like .top. While brand owners often secure .com and country-code extensions, the lack of coverage in emerging or less common gTLDs creates lucrative gaps for professional domain speculators. The respondent’s decision to register both the exact mark and a hyphenated variation, sod-exo.top, indicates a systematic approach to capturing brand traffic and blocking the legitimate owner. For IP professionals, this illustrates that even well-known marks are not immune to predatory registrations if defensive portfolios are not consistently audited against the expanding gTLD registry.

Beyond the immediate financial demand, the respondent’s failed request for a finding of Reverse Domain Name Hijacking (RDNH) represents an additional layer of business risk. Such counter-claims are often used to increase the legal and procedural burden on the complainant, potentially discouraging brand owners from pursuing legitimate enforcement actions. The Panel’s rejection of the RDNH claim confirms that seeking the transfer of domains held specifically for extortionate resale is a proper use of the Policy. This outcome provides a roadmap for addressing bad-faith actors who attempt to leverage aggressive procedural defenses to protect speculative assets.

Strategic Use of Valuation Data to Substantiate Bad Faith Intent

Sodexo’s enforcement strategy centered on the direct correlation between the respondent’s extreme valuation and the established global reputation of the SODEXO mark. By presenting evidence that the disputed domains—sodexo.top and sod-exo.top—were listed on a registrar marketplace for EUR 1,977,777.77, the complainant provided the panel with clear evidence of intent to sell for profit far exceeding out-of-pocket registration costs. This extortionate asking price, which exceeded 2.2 million USD by the time of the decision, served as the primary indicator of bad faith under the Policy. The complainant reinforced this by citing its history since 1966 and the recognition of its mark as well-known by previous UDRP panels, making the respondent’s claim of legitimate interest or lack of knowledge regarding the brand legally unsustainable.

The tactical failure of the respondent’s Reverse Domain Name Hijacking (RDNH) request further illustrates the strength of the complainant’s evidentiary position. Despite the respondent’s use of privacy services to mask their identity until the registrar verification stage and their subsequent attempt to frame the complaint as an abuse of process, the panelist rejected the RDNH claim entirely. For brand owners and IP professionals, this case highlights a specific vulnerability in newer generic Top-Level Domains (gTLDs) like .top, where speculators register exact-match or hyphenated strings to exploit gaps in defensive registration portfolios. The panel’s decision confirms that when a domain is used solely as a vehicle for multi-million euro resale attempts targeting a well-known mark, registration and use in bad faith are established.

Practical Recommendations

  • Audit domain portfolios for ‘punctuation gaps’ by monitoring hyphenated variations (e.g., brand-name.tld) alongside standard strings, as evidenced by the registration of sod-exo.top.
  • Expand defensive registration and monitoring strategies beyond legacy TLDs to include low-cost generic Top-Level Domains (gTLDs) like .top, which are frequently exploited for high-valuation resale tactics.
  • Document and time-stamp all marketplace listings immediately upon discovery to provide concrete evidence of ‘excessive profit’ intent, as the EUR 1,977,777.77 asking price was pivotal in establishing bad faith.
  • Mitigate the risk of Reverse Domain Name Hijacking (RDNH) counter-claims by citing prior UDRP decisions that establish the trademark’s ‘well-known’ status, which pre-emptively justifies the brand owner’s enforcement action.
  • Utilize Registrar verification stages to unmask respondents using privacy services early in the dispute process, ensuring that evidence of serial squatting or lack of rights can be linked to a specific identity.

Frequently Asked Questions (FAQ)

Why were the domains ‘sodexo.top’ and ‘sod-exo.top’ considered confusingly similar to the complainant’s mark?

The WIPO panel determined that the domains are confusingly similar because they incorporate the well-known ‘SODEXO’ trademark in its entirety, with the secondary domain simply adding a hyphen. This creates a high likelihood of confusion for users searching for the established brand.

How did the respondent attempt to justify the ownership of these domains, and why did the panel disagree?

The respondent failed to provide any evidence of rights or legitimate interests in the domains. Because the domains were redirected to a marketplace with an exorbitant asking price, the panel concluded the respondent’s sole intent was to profit from the trademark, which does not constitute a legitimate interest.

What evidence proved the respondent acted in bad faith?

Bad faith was established by the respondent’s attempt to sell the disputed domains for over EUR 1.9 million. Under the UDRP, registering a domain that incorporates a famous trademark with the intent to sell it for a price far exceeding out-of-pocket expenses constitutes clear evidence of bad faith.

What was the outcome of the respondent’s claim of Reverse Domain Name Hijacking (RDNH)?

The panel rejected the respondent’s request for a finding of RDNH. Since the complainant successfully proved all elements required under the UDRP policy, the claim that the legal action was filed in bad faith was found to be entirely without merit.

Facing a multi-million euro domain ransom?

When speculative registrants target your brand for exorbitant resale, proactive UDRP enforcement is often necessary to reclaim your digital assets and deter future exploitation.

Start domain recovery

Contact us
We will find the best solution for your business

    Thank you for your request!
    We will contact you within 5 hours!
    Image
    This site uses cookies to improve your experience. By continuing, you agree to our Privacy Policy.

    Privacy settings

    When you visit websites, they may store or retrieve data in your browser. This storage is often required for basic website functionality. Storage may be used for marketing, analytics and site personalization purposes, such as storing your preferences. Privacy is important to us, so you can disable certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may affect the performance of the website.

    Manage settings


    Necessary

    Always active

    These cookies are necessary for the website to function and cannot be disabled in our systems. They are usually only set in response to actions you take that constitute a request for services, such as adjusting your privacy settings, logging in, or filling out forms. You can set your browser to block these cookies or notify you about them, but some parts of the site will not work. These cookies do not store any personal information.

    Marketing

    These elements are used to show you advertising that is more relevant to you and your interests. They can also be used to limit the number of ad views and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the permission of the site operator.

    Personalization

    These elements allow the website to remember your choices (such as your username, language or region you are in) and provide enhanced, more personalized features. For example, a website may provide you with local weather forecasts or traffic news by storing data about your current location.

    Analytics

    These elements help the website operator understand how their website works, how visitors interact with the site and whether there may be technical problems. This type of storage usually does not collect information that identifies the visitor.