3/14/2026ยทreverse domain name hijacking

Reverse Domain Name Hijacking: How a Music Platform Tried to Steal Splice.ai (And Failed)

A major music creation platform just tried to take a domain name from its rightful owner โ€” and got caught. The splice.ai case is a textbook example of reverse domain name hijacking, and it holds critical lessons for every domain owner.

What Happened: The Splice.ai Case

In March 2026, a UDRP panelist ruled that Distributed Creation, Inc. โ€” the company behind the popular music creation platform at splice.com โ€” attempted reverse domain name hijacking against the owner of splice.ai.

Splice.ai is owned by splice.ai GmbH, a legitimate Austrian company founded in 2017 that received a grant from the Vienna Business Agency. The company has corporate registration, filed accounts, vendor relationships, and a named management team.

Despite all this evidence of a real, functioning business, the complainant described splice.ai's website as a "facade of legitimacy" and called the business a "sham."

The panelist, Nick Gardner, didn't buy it. His ruling was blunt and devastating for the complainant.

What Is Reverse Domain Name Hijacking?

Reverse domain name hijacking (RDNH) occurs when a trademark owner files a UDRP (Uniform Domain-Name Dispute-Resolution Policy) complaint in bad faith, trying to take a domain name they have no right to.

The UDRP was created to protect trademark holders from cybersquatters โ€” people who register domain names containing trademarks with the intent to sell them at inflated prices. But some companies abuse the system, filing complaints against legitimate domain owners in hopes of stealing their domains.

When a panelist finds that a complaint was filed in bad faith, they can declare reverse domain name hijacking โ€” essentially a formal finding that the complainant tried to abuse the dispute resolution system.

Why the Splice.ai Case Matters

The splice.ai ruling is significant for several reasons:

1. Common Words Aren't Exclusive Property

Panelist Gardner emphasized that "splice" is an ordinary English word with multiple concurrent users. The complainant's case read "as though the word SPLICE is a coined term that is uniquely associated with the Complainant." It isn't.

This is a crucial point for domain owners. Owning a trademark on a common English word for one industry doesn't give you rights to that word across all domains and all TLDs. A company called Splice that makes music software doesn't automatically own splice.ai, splice.io, or any other variation.

2. .ai Domains Are Prime Targets

The splice.ai case highlights a growing trend: as .ai domains become more valuable, companies that own the .com version are increasingly trying to grab matching .ai domains through dispute proceedings rather than purchasing them fairly.

With Bot.ai selling for $1.2 million โ€” the largest publicly reported .ai sale ever โ€” the financial incentive to grab .ai domains through UDRP instead of buying them is enormous. Some companies clearly view the ~$1,500 cost of filing a UDRP complaint as a bargain compared to paying market price.

3. Misleading Evidence Can Backfire

The panelist noted that the complainant "made no reference at all to the copyright footer on the splice.ai website, its reference to splice.ai GmbH and the link to further corporate information about that company." Worse, the screenshot evidence they submitted was "of extremely poor quality and the copyright footer barely legible."

This suggests the complainant deliberately tried to hide evidence of the domain owner's legitimate business. The panelist saw through it.

4. Made-Up Legal Concepts Won't Work

The complainant argued that splice.ai's use constituted "aggravated passive holding" โ€” a term the panelist noted "is not so far as the Panel is aware a recognized concept under any previous decided UDRP decisions." Inventing legal theories to support a weak case is a recipe for an RDNH finding.

The Growing RDNH Problem

The splice.ai case isn't an isolated incident. Reverse domain name hijacking attempts have been increasing, particularly targeting valuable alternative TLDs.

Just this month, a Denver-area med spa called Poshpod also received an RDNH ruling after trying to take a domain through WIPO. And with WIPO's new $20 pricing for withdrawn cases making it cheaper than ever to file complaints, there's concern that more companies will use the UDRP as a low-cost fishing expedition.

Here's how a typical RDNH attempt plays out:

  1. Company owns trademark and .com domain โ€” e.g., splice.com
  2. Someone else owns matching alternative TLD โ€” e.g., splice.ai
  3. Company files UDRP complaint claiming cybersquatting
  4. If respondent doesn't reply (many don't), company wins by default
  5. If respondent fights back with evidence of legitimate use, the complaint fails โ€” and may result in an RDNH finding

The scary part is step 4. Many legitimate domain owners don't respond to UDRP complaints because they don't understand the process, can't afford a lawyer, or simply don't see the notification in time. In those cases, the hijacker wins.

How to Protect Your Domains from Reverse Hijacking

Whether you own a single domain or a portfolio, here are practical steps to protect yourself:

Keep Your Contact Information Current

UDRP notifications are sent to the email address in your domain's Whois record. If that email is outdated, you might never see the complaint โ€” and you'll lose your domain by default. Use our Whois lookup tool to verify your contact information is current.

Document Your Legitimate Use

The reason splice.ai GmbH won was thorough documentation: corporate registration, government grants, filed accounts, vendor relationships, and a named management team. If you're using your domain for a real business, keep records of:

  • Business registration documents
  • Financial records showing revenue or investment
  • Screenshots of your website over time (the Wayback Machine helps)
  • Customer communications or contracts
  • Any press coverage or third-party mentions

Respond to UDRP Complaints Immediately

You typically have 20 days to respond to a UDRP complaint. Don't ignore it. Even if you think the complaint is frivolous, failing to respond usually means losing your domain. The splice.ai panelist explicitly noted that without a response, the complainant's misleading evidence might have gone unchallenged.

Know Your Rights with Common Words

If your domain contains a common English word, you have strong defenses against UDRP claims. Words like "splice," "connect," "bridge," or "spark" aren't the exclusive property of any single company. Multiple businesses can legitimately use the same common word in different contexts and different TLDs.

Consider Domain Name Legal Insurance

Some domain investors and businesses purchase legal insurance or maintain relationships with domain name attorneys. John Berryhill, who represented the splice.ai owner, is one of the most well-known domain name lawyers. Having legal representation ready can make the difference between keeping and losing a domain.

The AI Domain Gold Rush Makes This Worse

The current surge in .ai domain values is making reverse hijacking attempts more tempting. When .ai domains were worth a few hundred dollars, companies would just buy them. Now that premium .ai names can fetch six or seven figures, the calculus has changed.

Domain industry expert Jeff Gabriel of Saw.com recently noted that some clients now "prefer the .AI over the .COM even when the price of .AI is MORE than the .COM." As .ai becomes the default TLD for AI companies, .com owners who missed the boat on registering the .ai version early are getting desperate.

This trend extends beyond .ai. As we've documented, repurposed ccTLDs like .io, .tv, and .co have all seen UDRP activity as their values climbed.

What the Domain Industry Should Do

The splice.ai ruling is a win for domain owners, but the system still has problems:

  • RDNH penalties are too weak. A finding of reverse domain name hijacking is essentially just a public shaming. There are no financial penalties, no requirement to pay the respondent's legal fees, and no ban on filing future complaints.
  • Default judgments are too easy. When respondents don't reply, panels should scrutinize complaints more carefully rather than rubber-stamping transfers.
  • WIPO's $20 withdrawal option could incentivize more fishing expeditions โ€” file a complaint, get the registrant's identity through privacy disclosure, then withdraw for just $20.

Until these structural issues are addressed, domain owners need to stay vigilant.

Check Your Domain's Vulnerability

Wondering if your domain could be targeted? Domains at highest risk for reverse hijacking attempts share these characteristics:

  • Contains a common English word that's also a company name
  • Uses a trending TLD (.ai, .io, .app)
  • Is not currently developed or shows minimal content
  • Has Whois privacy enabled (making the owner anonymous)

Use our domain search tool to explore alternative TLDs for your brand, check current domain values to understand what your domains might be worth, and make sure your Whois information is up to date.

The splice.ai case shows that the system can work when domain owners fight back. But prevention is always better than cure โ€” document your use, keep your contact info current, and know your rights.

๐Ÿ” Looking for a reverse domain name hijacking domain?

Search 400+ extensions instantly. See prices. Register in seconds.

Search Domains Free โ†’

๐Ÿ“š Keep Reading

โ†’ More articles about domains, TLDs, and the webโ†’ Browse all 400+ domain extensionsโ†’ Domain pricing comparison guide

Ready to find your perfect domain?

Search Now โ€” Free โ†’
โ† Back to all posts
Reverse Domain Name Hijacking: How a Music Platform Tried to Steal Splice.ai (And Failed) โ€” DomyDomains Blog