Everything.sucks publishes transfer auth codes for thousands of domains in latest .sucks pimpage

Everything.sucks, which is quickly emerging as one of the world’s most prominent organized cybersquatting projects, has a novel new way to sell .sucks domains without, technically, selling them.

The company, which casts itself as a “non-profit organization and communications forum for social activism” has published the transfer authorization codes for what appears to be the thousands of .sucks domains in its portfolio.

This means that anyone can transfer any of the company’s .sucks domains into their own registrar account with just a few clicks and without asking the current registrant — if they can afford the exorbitant transfer fee and don’t mind legal exposure.

You may recall that Everything.sucks is a Wikipedia-style web site that is fed by traffic from thousands of .sucks domains that, as the company freely admits, match the trademarks of famous companies.

Typing poptarts.sucks into your browser address bar will take you to the Everything.sucks wiki pages for Pop-Tarts, which contains content critical of the brand scraped from third-party web sites.

Everything.sucks emerged last year, and in October I reported that hundreds of .sucks domains were pointing there.

At the time, the web site carried banner ads on each brand’s page that took visitors to secondary-market sales pages at Sedo or Uniregistry, where the price was usually the same as the .suck’s registry’s wholesale price of $200.

I thought it was weird that a registrant at the very least flirting with cybersquatting would put up their domains at cost price, but Vox Populi, the registry, denied any involvement with the domains.

The registrant of these names, according to several UDRP decisions that it lost, is a probably fictitious individual named Pat Honeysalt, from a company called Honey Salt Ltd based in either Turks & Caicos or the UK.

Honey Salt has told UDRP panels that it registers the names on behalf of Everything.sucks. Given the volume of registrations, it must have spent many millions of dollars.

In any event, shortly after the UDRP cases started trickling in and not long after DI’s initial coverage, the banner ads on the .sucks pages disappeared.

And now, the auth codes have appeared. It looks like this:

Publishing auth codes right there on its web site appears to be the latest stage in a cat-and-mouse game Everything.sucks is playing with the trademark lawyers pursuing it through the UDRP process.

The boilerplate reads:

We occasionally buy a dot sucks domain and point it at a specific page. We do this to bring awareness to our site and because, well, we love the dot sucks domain. If you ask us if we would sell the domain, our answer is simple. Absolutely not. We will give it to you.

It’s not technically offering to sell these domains any more, right? As far as this nominal non-profit is concerned, it’s giving them away for free to anyone who wants them, including the brand’s owner.

But if you want the names, you’ve still got to pay for the transfer, of course. In the case of poptarts.sucks, it’s $2,399 at the registrar screen-capped below. Another registrar has the same name priced at $2,599.99.

If we’re following the money here, the only beneficiaries that spring to mind are Vox Pop, which gets its fat-margin registry fee, and the hapless registrar, which gets whatever its markup on a .sucks domain transfer is.

I tried these auth codes at six leading registrars and found that four of their shopping carts informed me point-blank that they do not support .sucks transfers at all.

Facebook gunning for Web.com in latest $27 million-plus cybersquatting lawsuit

Facebook has sued what it believes is a Web.com subsidiary, claiming the company has been engaged in wholesale cybersquatting for well over a decade.

The complaint, filed in a Pennsylvania District Court, alleges that New Venture Services Corp current owns 74 domains, and has previously owned 204 more, that infringe its Facebook, Instagram and WhatsApp trademarks.

While no other named defendants are listed, the complaint makes it abundantly clear that it believes NVSC is a subsidiary of Web.com and a sister of Network Solutions, Register.com, SnapNames and Perfect Privacy.

Facebook is suing partly under the Anti-Cybersquatting Consumer Protection Act, allowing it to claim $100,000 damages per infringing domain, so we’re looking at a floor of $27.8 million of potential damages should the lawsuit be successful.

But it’s also looking for NVSC to hand over any profits it’s made from the domains in question, which are generally parked with ads and listed for sale via the SnapNames network for premium fees.

While NVSC is registered in the British Virgin Islands and uses a Pennsylvania post office box as its mailing address, there’s a wealth of evidence going back to 2007 that it’s been affiliated first with NetSol and then Web.com.

Web.com’s last regulatory filing before it went private in 2017 lists NVSC as a subsidiary, which is probably the most compelling piece of evidence establishing ownership.

It appears that NVSC is a shell company that Web.com uses to hold potentially valuable or traffic-rich domains that its customers have allowed to expire. The names are then parked and put up for resale.

Example domains listed in the complaint include httpinstagram.com, faceebbok.com, facebooc.net, instagram-login.com, and installwhatsapps.com.

One would have to assume these names were captured using a fully automated process; even a cursory human review would clock that they’re useful only to bad actors.

The lawsuit is the latest in Facebook’s crusade against mainstream registrars it believes are profiting by infringing its trademarks, which has already ensnared Namecheap a year ago and OnlineNIC in October 2019.

Namecheap recently filed a counterclaim in which it tries to get some of Facebook’s trademarks cancelled.

Facebook has all but admitted that putting legal pressure on registrars is part of its strategy when it comes to getting the policies it wants out of ICANN on privacy and Whois access, where there’s currently an impasse.

Here’s the complaint (pdf).

.sucks mystery deepens. Who the hell is Pat Honeysalt?

Another two .sucks domain names registered by the gTLD’s most prolific registrant have been found to be cases of cybersquatting, but now the squatter’s true identity is becoming more opaque.

In two recently decided UDRP cases before WIPO, registrant Honey Salt Ltd was found to have cybersquatted by registering and offering for sale bfgoodrich.sucks, uniroyal.sucks and tetrapak.sucks.

While earlier cases filed with the Czech Arbitration Forum had identified Honey Salt as a Turks & Caicos company, the latest few WIPO cases say it is a UK-based company.

However, searches at UK Companies House do not reveal any company matching that name.

The latest WIPO cases also identify an individual allegedly behind said company as a respondent, one “Pat Honeysalt”.

That’s either a pseudonym, or we’ve found one of those people who have somehow managed to keep their name out of Google’s index despite being well-funded and tech-savvy.

Honey Salt is believed to be the registrant of thousands of .sucks domains, all matching the trademarks of big companies, which all point to Everything.sucks, a wiki-style web site comprising scraped third-party criticism targeting the brands in question.

Its defense in its UDRP cases to date has been that it is providing non-commercial free speech criticism, and that the inclusion of “.sucks” in the domain means users could not possibly believe the site is officially sanctioned by the brand.

All but one UDPR panel has so far not believed this defense, with panelists pointing out that the domains in question are usually listed for sale on the secondary market (sometimes at cost, sometimes at an inflated price).

They further point out that the criticism displayed on the Everything.sucks site was written by third parties, often prior to the registration of the domain in question, so Honey Salt cannot claim to be exercising its own free-speech rights.

Honey Salt is represented in its UDRP cases by the very large US-based law firm Orrick, Herrington & Sutcliffe, which also represents .sucks registry Vox Populi.

Everything.sucks, in losing UDRPs, puts the lie to the .sucks business model

The World Intellectual Property Organization has delivered its first UDRP decision concerning a .sucks domain name, ruling that the name sanofi.sucks is in fact cybersquatting.

The three-person panel ruled that the domain was identical or confusingly similar to a trademark owned by Sanofi, a French pharmaceuticals manufacturer involved in producing vaccines for the COVID-19 virus.

That was despite the fact that the registrant, affiliated with the Everything.sucks project, argued that nobody would think a domain name ending in “.sucks” would be affiliated with the trademark owner.

That argument flies in the face of official .sucks registry marketing from Vox Populi Registry, which positions .sucks as a place for brand owners to consolidate and manage customer criticism, feedback and support.

The sanofi.sucks case is one of two UDRP losses in the last few weeks for Honey Salt, a Turks and Caicos-based company that is believed to account for over a third of all .sucks registrations.

Honey Salt has registered thousands of brand names in .sucks, linking them to a wiki site operated by Everything.sucks Inc that contains criticism of the brands concerned copied from third-party web sites such as TrustPilot and GlassDoor.

There’s evidence that Everthing.sucks and Honey Salt are affiliated or share common ownership with Vox Pop, but the registry has denied this.

In the Sanofi case, Honey Salt mounted a free speech defense, saying it was providing a platform for legitimate criticism of the company and that Sanofi was using the UDRP to silence such criticism.

Sanofi claimed that the domain had in fact been registered for commercial purposes and to unfairly suggest an official connection to the company.

But what’s interesting is how Honey Salt argues that the domain itself, regardless of the associated web site’s content, is not confusingly similar to the Sanofi mark. The WIPO panelsts wrote, with my added emphasis:

The Respondent maintains that the disputed domain name is not identical or confusingly similar to a trademark in which the Complainant has rights. According to it, the “.sucks” gTLD is not like other generic TLDs, and its pejorative nature renders the disputed domain name as a whole nonidentical and prevents confusion, and the inclusion of “.sucks” in the disputed domain name makes clear that the associated website is not affiliated with the Complainant, but instead contains criticism of it and of its business.

In other words, if you visit a .sucks domain, you automatically will assume that the site is not associated with the brand owner.

Honey Salt seems to have made an identical argument in the UDRP case of cargotec.sucks, which it also lost at the Czech Arbitration Forum last month. The panelists in that decision summarized the company’s defense like this:

The TLD at issue here, however, .sucks, is not like other generic top level domains. Its pejorative nature renders the domain name as a whole nonidentical and prevents confusion… The inclusion of “.sucks” makes abundantly clear that the website is not affiliated with Complainant and instead contain criticism of its business.

Again, this is completely contrary to the stated goal of the .sucks registry.

Vox Pop has from the outset claimed that .sucks domains are a way for brands to aggregate customer feedback and criticism in one place, using a .sucks domain controlled by the brands themselves.

That purpose goes all the way back to its 2012 ICANN new gTLD application and continues to this day on its official web site and Twitter feed, which is primarily used to goad companies undergoing media controversies into registering and using their .sucks exact-match.

Hey, @WWE, everyone gets criticized, but not everyone has the stones to own it. You? I mean, you likely already control https://t.co/qHuEXjfVn5, why not use it? What do you think, @bleedingcool? https://t.co/Yv6b9OEaFp

— DotSucks (@dotsucks) January 24, 2021

Back in 2015, Vox Pop CEO John Berard told us:

A company would be smart to register its name because of the value that consumer criticism has in improving customer loyalty, delivering good customer service, understanding new product and service possibilities… They’re spending a lot more on marketing and customer service and research. This domain can another plank in that platform

Vox Pop even owns and uses voxpopuli.sucks and dotsucks.sucks, where it hosts a little-used forum welcoming criticism from people who say the company sucks.

But Honey Salt, its largest registrant by a significant margin, is now on-record stating that .sucks domains only imply ownership by third parties and could not possibly be confused with brand-owner ownership.

If the Many Worlds interpretation of quantum mechanics is correct, there exists a corner of the multiverse in which Honey Salt and Everything.sucks are just fronts for the entities that also control Vox Pop and its top registrar, Rebel.com. In that universe, it would be trippy indeed for the registry’s own affiliates to admit its entire stated business model is bullshit.

In our universe, that particular cat, which very probably has a goatee, is still firmly in the box, however.

Speculative forays into science fiction aside, Honey Salt’s record on UDRP is now three losses versus one win. It has six more cases pending at WIPO

Facebook lawsuit brings one country’s domain to a screeching halt

Bangladesh’s ccTLD registry has reportedly frozen all registrations and transfers after a cybersquatting lawsuit filed by Facebook.

According to local reports a couple weeks back, Bangladesh Telecommunications Company Ltd has implemented Draconian pre-registration roadblocks to registration, such that only exact-match domain names are available to individuals and organizations.

And Western corporate registrar CSC said today that BTCL has “implemented a temporary suspension to registration and transfer orders due to an ongoing legal matter” and is “diligently working to draft new regulations and procedures for registration orders.”

Registrants can still manage their Whois and DNS settings as normal, CSC said.

Facebook sued the registrant of the domain facebook.com.bd last November, asking for the domain to be cancelled and for $50,000 in damages, dragging BTCL into the case.

According to reports, the domain had been registered in 2008 when the registry used a largely paper-based system, but Facebook only resorted to the courts last year when the registrant listed it for sale for $6 million.

It’s a textbook case of cybersquatting, but .bd evidently does not have the mechanisms — such as UDRP — to handle such malfeasance outside of the courts.

While a Dhaka court reportedly issued an injunction against the domain in question, it’s still resolving and still listed for sale at $6 million.

Security firm sues Facebook to overturn UDRP loss of “good faith” typo domains

Security company Proofpoint has sued Facebook in order to keep hold of several typo domains that are deliberately intended to look like its Facebook and Instagram brands.

Proofpoint wants an Arizona court to declare that facbook-login.com, facbook-login.net, instagrarn.ai, instagrarn.net and instagrarn.org are not cases of cybersquatting because they were not registered in bad faith.

Proofpoint — a $7 billion company that certainly does not phish — uses the domains in anti-phishing employee training services, as it describes in its complaint:

Proofpoint uses intentionally domain names that look like typo-squatted versions of recognizable domain names, such as , and the other Domain Names at issue in these proceedings.

By using domain names similar to those of well-known companies, Proofpoint is able to execute a more effective training program because the workforce is more likely to learn to distinguish typo-squatted domains, which are commonly abused by bad actors to trick workers, from legitimate domain names.

Employees who click the bogus links are taken to harmless web pages describing how they were duped.

The court case comes shortly after Facebook prevailed in a UDRP case filed with WIPO.

In that case, the panelist decided that Proofpoint had no legitimate interest in the domains because they led to web sites that linked to Proofpoint’s web site, where commercial services are offered.

He therefore found that the names had been registered in bad faith, because visitors could assume that Facebook or Instagram in some way endorsed these services.

Proofpoint wants the court to reverse that decision and allow it to keep the names. Here’s the complaint (pdf).

It strikes me as at the very least bad form for Facebook to go after these domains, given that Proofpoint is tackling the Facebook phishing problem at source — user idiocy — rather than the reactive, interminable UDRP whack-a-mole Facebook seems to be engaging in.

WIPO handles 50,000th UDRP case as coronavirus drives complaints

The World Intellectual Property Organization handled its 50,000th UDPR case on November 20, the organization has announced.

It’s taken WIPO, which designed the policy and was the first to administer it back in 1999, over two decades to reach this milestone.

WIPO said that the 50,000 cases cover almost 91,000 domains, with complaints and respondents from over 180 countries.

The organization believes the coronavirus pandemic this year has driven growth, with an 11% increase in cases recorded between January and October. There were 3,405 cases over this period.

Erik Wilbers, director of the WIPO Arbitration and Mediation Center, said in a press release:

With a greater number of people spending more time online during the pandemic, cybersquatters are finding an increasingly target-rich environment. Rights owners, meantime, are stepping up their brand enforcement on the Internet as they further shift to marketing and selling online.

GoDaddy has a secret weapon in its push into corporate domains

While GoDaddy has been focused for the last two decades on small and microbusiness customers, its entry this year into the corporate domains management space should not be dismissed — the company has one huge advantage.

Earlier this week, the company announced the launch of GoDaddy Corporate Domains, really just a rebranding of the company Brandsight, which it acquired back in February.

The move pits GoDaddy against industry leaders such as MarkMonitor, CSC, Com Laude, Safenames et al.

But the company has one huge advantage that its new competitors do not have: cybersquatters and criminals.

Buried at the bottom of this week’s press release is the announcement of a new service, the Verified Intellectual Property program, which “provides pre-vetted, well-known and famous brands an escalation path to address IP abuse”.

It sounds basically like a trusted notifier service not unlike those offered at the registry level by the likes of Donuts and Radix.

VIP clients will be able to get sites and domains hosted on GoDaddy taken down much quicker, via a special escalation email address, a spokesperson said. Takedown requests will still be subject to manual review, he said.

VIP is currently invitation-only, but I assume being a Corporate Domains customer would help expedite an invitation.

This kind of service is something GoDaddy’s new rivals cannot offer — they generally have no retail channel or hosting, so have no cyberquatters, pirates or counterfeiters as customers. If they want to take down a domain or web site, it’s not a simple matter of flipping a switch.

They also don’t have tens of millions of domains under management, many of which, through no fault of GoDaddy, will be maliciously registered.

This is potentially a pretty cool USP for GoDaddy, which could have rivals worried.

Free speech, or bad faith? UDRP panels split on Everything.sucks domains

The first wave of UDPR cases targeting domains used by Everything.suck have seen split decisions by the panels.

At least four .sucks domains, all owned by the same Turks and Caicos company, have been hit by UDRP complaints recently, and two have already been decided.

One case, over the domain miraplex.sucks, resulted in victory for the registrant while the other, over bioderma.sucks, led to defeat and a transfer.

Both domains are owned by Honey Salt Ltd, and both redirect to a page on Everything.sucks, a Wikipedia-style site that uses content scraped from third-party sites and social media to present a scrappy form of gripe microsite.

In both UDRP cases, Honey Salt chose to mount a “free speech” defense, claiming that it had rights to the names because they were being used to publish criticism of the brands in question.

As I noted last week, UDRP panels have historically been divided on when this defense should be successful. WIPO guidance suggests that gripe sites should be permitted as long as the criticism is genuine and non-commercial.

But Everything.sucks was decidedly commercial at the time these two complaints were filed. Each site featured a banner leading to a page on Sedo or Uniregistry where the domain could be purchased (usually at registry wholesale prices).

Miraplex is a brand of Parkinson’s disease medicine. In this case, the panel decided that the complainant, a pharmaceuticals company, failed to make the case that Honey Salt had no legitimate interests in the domain, writing:

the Complainant argues that the website linked to the disputed domain name displays information about the Complainant and its MIRAPEX medicines, but failed to explain (let alone substantiate) why this should be regarded as a lack of rights or legitimate interests in the disputed domain name (which seems to have a criticism purpose). Also, the Panel finds that the offering for sale of a domain name is not by itself a proof of lack of rights or legitimate interests.

The panel seems to have given special consideration to the fact that it’s a .sucks domain, where one might expect to see criticism.

Given the nature of the “.sucks” domain name gTLD, and given the evidence (or lack of evidence) submitted by the parties, the Panel finds that the Complainant did not prove that the Respondent lacks rights or legitimate interests in the disputed domain name. In particular, the Panel would have expected the Complainant to target its arguments and evidence to the specific criticism-nature of “.sucks” domain names (which the Complainant failed to do).

The decision is written in such a way as to suggest that it is the complainant’s lack of substantiating evidence, rather than the panel’s gullibility, that is to blame for the complaint failing.

The Panel finds that the Respondent’s claim that the website available through the disputed domain name has a criticism purpose is not devoid of credibility. The Panel would have expected the Complainant to argue (and corroborate) why it considers this “.sucks” domain name and its purported free expression character as a “smoke screen” and why it is of the opinion that the predominant purpose of the Respondent is to sell this domain name rather than to provide a forum for discussion and criticism. The Complainant did not explain nor substantiate why it considers the criticism character of this website as a pretext. The Panel also finds that the offering of a domain name for sale is not by itself evidence of bad faith.

The bioderma.sucks case is an entirely different story, with the panel writing that Honey Salt’s “entire endeavour seems to the Panel to be a pretext for commercial activity”.

Honey Salt’s “pretext” is that it registers domain names on behalf of a non-profit entity called Everything Sucks Inc, which appears to have been formed in Delaware this April. It told the Miraplex panel that whenever a wiki page is created at Everything.sucks, it registers the corresponding domain name.

Given that over two thousand .sucks domains were registered in June in the space of a couple days, that seems unlikely to me.

The Bioderma panel wasn’t buying it either.

The process by which the disputed domain name was registered seems to be automatic and, importantly, took place before any criticism whatsoever was even present on the website (as may be inferred from the Parties’ evidence, namely the Complainant’s screenshot of June 24, 2020). The alleged criticism seems to have been added as an afterthought between that date and the date when the Response was filed, further calling its genuineness into question.

It also noted that the content of the site comes from third parties, rather than the registrant, again calling its genuineness into question. The panel added:

Even assuming a third party generated the page on the Respondent’s website in order to engage in non-commercial criticism, rather than the Respondent itself, the Respondent immediately proceeds to exploit the position commercially by registering and offering the disputed domain name for sale.

This blatant commercial use was important to the panel in establishing a lack of legitimate interests and also bad faith.

Respondent’s approach was to take unfair commercial advantage of the Complainant’s name and trademark while having no actual criticism or free speech of its own in which to engage. It looked to sell the disputed domain name on the open market before any criticism had even been published. The fact that the disputed domain name is used for a web page not containing genuine criticism content but only automatically generated links loosely related to the Complainant’s product (as demonstrated by the Complainant’s screenshot dating from before the filing of the present Complaint) constitutes further evidence of bad faith. The fact that the disputed domain name is used in a page containing links to other companies and where the relevant domain names (to which the links point) are systematically put on sale by the Respondent is additional evidence of cybersquatting.

The panel ordered bioderma.sucks transferred.

Two cases, two very different outcomes.

Both complaints were filed at the Czech Arbitration Court by the same lawyer within a few days of each other, and were decided within a week of each other, but by different three-person panels.

With this in mind, it seems likely that both panels were presented with a very similar set of facts and evidence, and that the make-up of the panel was important to which party emerged victorious.

Two additional cases, bfgoodrich.sucks and mandmdirect.sucks, both Honey Salt domains, are currently active at WIPO. It’s unclear whether they were filed before or after Everything.sucks removed its banner ads, which happened about a week ago.

That .sucks weirdness? Worse than I thought

A business plan to turn .sucks into a massive Wikipedia-style gripe site, described by trademark lawyers five years ago as a “shakedown”, has reared it ugly head again.

You may recall that earlier this week I reported how somebody had registered many hundreds of .sucks domain names and listed them for sale on secondary market web sites at cost price. It looked weird, almost as if the registry or an affiliate was the registrant, which the registry denied.

It turns out I only told you half the story, for which I can only apologize.

At the time, the domains in question were not resolving for me, probably due to my terrible, block-happy ISP. But now they are resolving, and they reveal the return of Everything.sucks, a plan first floated by the .sucks registry in 2015.

It’s a network of hundreds of .sucks micro gripe-sites, each targeted to a specific brand and each each populated with content scraped, usually without citation, from Wikipedia, social media, and consumer-review aggregator web sites.

Here’s where jackdaniels.sucks takes you, for example (click to enlarge).

The description of the company is taken from Wikipedia. The customer comments below are taken from reviews of an apparently unrelated company called The Whisky Exchange published by TrustPilot, and the social media posts have been pulled from Instagram users deploying the hashtag #jackdanielssucks.

Other pages on the site seem to scrape content from GlassDoor, a site where employees review their employers.

While there’s nothing wrong with gripe sites, automating their creation over hundreds or even thousands of brands that you don’t genuinely have gripes with seems, charitably, churlish.

And these gripe sites are — or at least were — being monetized.

You’ll see a banner ad in the top-right corner of the above screen-grab, offering jackdaniels.sucks for sale. The link took you to a page on Sedo that offers the domain for sale with a buy-now price of $199 (the same as the registry’s wholesale fee).

Banners on other pages led to landers on GoDaddy-owned Uniregistry.com with prices of $599.

These banners, which appeared on every brand’s page that I checked, seem to have disappeared at some point over the last two days. I’m sure the change is unrelated to the fact that I started asking .sucks registry Vox Populi and parent Momentous difficult questions about these trademark-match domains on Wednesday.

While UDRP panels have disagreed over the years, there’s precedent dating back two decades that “trademarksucks.tld” domains with sites that contain genuine, non-commercial criticism can confer legitimate rights to the registrant and are therefore NOT cybersquatting.

I doubt a site that actively tries to sell the domain name in question for above out-of-pocket costs could be considered non-commercial.

Still, it looks like those banners are gone now, and I can’t find any other examples of obvious monetization.

I use jackdaniels.sucks as an example here as it’s the site I took a screenshot of before the changes, but there are many hundreds of similar trademark-match domains being used to feed traffic to Everything.sucks.

I note that unitedinternet.sucks, named after the parent company of Sedo, is for sale for $199 on Sedo and leads to a gripe site on Everything.sucks containing less-than-complimentary remarks. It’s for sale at $599 on Uniregistry.

But who is Everything.sucks?

The concept itself originates with the .sucks registry itself. Before the TLD launched in 2015, it floated the idea to a tsunami of criticism from trademark owners.

The plan back then was to sell .sucks domains for .com prices — a discount of a couple hundred dollars — but only to registrants unaffiliated with the trademark owner. These registrants would have had to forward their domains to an Everything.sucks-branded discussion forum.

Back then, Vox Pop said it planned to work with a non-for-profit third party on this initiative.

That third party never materialized, and later in 2015 appeared to mutate into a system called This.sucks, operated by a company called This.sucks Ltd, which took over the Everything.sucks domain name.

This.sucks sold .sucks domains for $12 a year, with the domains pointing to a forum/blogging platform that the company hoped to monetize.

Both This.sucks and Vox Pop denied there was any link between the two companies, but I later uncovered a lot of compelling circumstantial evidence linking the two companies, including the fact that Rob Hall, CEO of Vox Pop parent Momentous, paid for This.sucks’ web site design.

This.sucks appears to have fizzled out in the intervening years, but now Everything.sucks is back with a mystery registrant snapping up thousands of domains, at a cost of at least half a million bucks, under the Everything.sucks brand.

Public Whois is useless nowadays, of course.

But the front page of Everything.sucks describes it as “a non-profit organization and communications forum for social activism”.

Many of the domains that redirect to its site appear to be registered to a Turks and Caicos company called Honey Salt Ltd, a name that does not naturally suggest a non-profit entity.

Others use Momentous’ domain privacy service. All appear to be registered via Momentous-owned registrar Rebel, which sells .sucks domains at cost and is therefore one of the cheapest registrars on the market.

Back in 2015, intellectual property interests expressed doubt that the proposed Everything.sucks third party and the This.sucks third party were not in fact just smokescreens, fronts for the registry itself.

Vox Pop CEO John Berard on Wednesday denied to DI that the company had any involvement in the recent spurt of trademark-match registrations being used by Everything.sucks and expressed a lack of knowledge about the registrant’s intent.

I’ve not yet received comment from Momentous, but I’d be very surprised if the company does not know who is behind Everything.sucks.

At the very least, Vox Pop and Rebel are both privy to the unexpurgated Whois and/or customer records for whoever is running Everything.sucks and whoever it is that has grown the .sucks zone file by about 50% since June.