UDRP

Uniform Domain-Name Dispute-Resolution Policy. ICANN-administered arbitration for resolving disputes over domain names that infringe registered trademarks. Filed through WIPO, the National Arbitration Forum, or other approved dispute providers. Three-member or single-panelist decisions.

URS

Uniform Rapid Suspension System. A faster, lower-cost alternative to UDRP for clearer cases of trademark infringement. Suspends the domain rather than transferring it. Often used as a precursor or alternative to UDRP for time-sensitive cases.

CZDS

Centralized Zone Data Service. ICANN-administered portal that grants approved access to gTLD zone files, refreshed daily. DomainSafe holds CZDS access for .com and uses it as the authoritative detection source.

Zone file

The DNS zone file is the authoritative list of all registered domains in a top-level domain, including name server records and IP addresses. The .com zone file contains roughly 160 million records and refreshes daily through CZDS for approved parties.

Homoglyph

A character that looks visually identical or nearly identical to another character. Typically used in domain abuse via Unicode characters (Cyrillic, Greek) that render the same as Latin characters. acmе.com (with Cyrillic e) renders as acme.com to most readers.

Typosquat

A domain registration designed to capture traffic from users who mistype a legitimate domain. Common patterns include character substitution (rn instead of m), missing characters (amzon.com), repeated characters (gooogle.com), and TLD variation (acme.co instead of acme.com).

Drop-catch

The process of registering a domain at the exact moment it becomes available again after the previous registrant lets it expire. Drop-catching services use registrar partnerships and infrastructure to compete for high-value drops.

Pending Delete

A 5-day status period at the end of the domain lifecycle when an expired domain has not been renewed and will be released back to the public. The drop happens at the end of pending delete; drop-catchers compete for the registration in the moments after.

Certificate Transparency

A public log system that records every TLS certificate issued by participating certificate authorities. Useful for brand protection because new certificates issued for lookalike subdomains appear in CT logs and can be monitored before traffic reaches the lookalike.

Passive DNS

Historical DNS resolution data captured by infrastructure providers and threat intel partners. Used to surface unexpected subdomain resolution, IP address pivots, and infrastructure overlap with prior abuse.

Reverse Domain Name Hijacking (RDNH)

A UDRP panel finding that a complainant filed in bad faith, attempting to use UDRP to take a domain they had no legitimate trademark claim to. RDNH findings can result in adverse rulings against the complainant and may discourage future filings.

OSINT

Open-source intelligence. Information gathered from publicly available sources (WHOIS, social media, corporate filings, news archives) for use in research and case planning. OSINT for UDRP cases typically covers the registrant pattern, prior abuse history, and infrastructure overlap.

Glossary expands as new terms come up in client conversations. Have a term you want defined? Send it.