Nike has spent decades building value around "Just Do It," yet the phrase now sits one click away from becoming an onchain top-level domain. On Freename, a Web3 alternative DNS registry outside ICANN, ".justdoit" exists as a registrable TLD, and Nike doesn't control it.
As of March 2026, available Freename search and public onchain records don't show ".justdoit" as registered to any holder. That gap matters because Freename TLDs can be minted and transferred onchain, which means ownership and control can move fast, and outside the usual corporate domain playbook. So what happens when a third party acquires a slogan-based TLD and starts issuing subdomains that look official?
This is the Web3 brand protection gap in plain terms. Traditional defenses like registrar locks, UDRP complaints, and court orders built around ICANN governance don't map cleanly onto onchain naming systems that live on different rails, with different records, and different enforcement paths.
For legal, brand, and risk teams, ".justdoit" is a simple case study with a clear takeaway: waiting for confusion to surface is a costly strategy. The mechanics are new, but the exposure is familiar, consumer trust, impersonation risk, and brand dilution, now packaged as programmable naming infrastructure.
An onchain top-level domain (TLD) looks like a familiar internet suffix, but it sits on different rails. Instead of living inside the ICANN-led DNS root, it exists inside a Web3 naming system where ownership is tied to a crypto wallet and recorded through platform tooling and blockchain data.
That distinction matters for brand risk. A Freename TLD like .justdoit can be held by an independent onchain investor (verifiable via the Freename Whois and public onchain records), even if you won't find the same signals you'd expect from a traditional domain lookup.
In the ICANN world, brands operate inside a mature governance stack. Registries and registrars follow published policies, domains renew on a calendar, and disputes have known channels. If someone registers a confusing name, legal teams can often lean on a familiar process, whether that's registrar escalation, a UDRP-style complaint path, or court orders that flow through centralized intermediaries. Just as important, the system has consistent norms around records and access, even after privacy changes narrowed public WHOIS.
Web3 naming systems strip out much of that shared control layer. With Freename-style onchain TLDs, the unit of control is closer to property than a lease. Ownership maps to a wallet, transfers can happen peer-to-peer, and resale can occur through marketplaces without a registrar acting as a practical gatekeeper. Rules still exist, but they tend to be platform-set, contract-set, or ecosystem-set, not an internet-wide policy baseline that every participant must follow.
That's why familiar signals often fail. The absence of public WHOIS detail or search engine results is common for these TLDs, and it doesn't mean they're unregistered. It usually means the namespace doesn't resolve through standard DNS, and the record trail lives in platform lookups, wallet data, and blockchain explorers rather than in the places brand teams check first.
In DNS, enforcement often targets the middlemen. In onchain naming, there may be fewer middlemen to compel.
Confusion risk doesn't require mass adoption, it requires a plausible path from a consumer to a trusted action. Web3 naming systems create several. A fan might see a .justdoit name in a wallet app and assume it works like a verified payment handle. Another might click a .justdoit link shared on social media, where the suffix reads like an official Nike campaign hub. A third might scan a QR code on a resale listing or merch insert that routes to drops.justdoit or claim.justdoit through a Web3 gateway that translates the name into a reachable page.
Those journeys are realistic because the suffix itself does persuasive work. "Just Do It" is a slogan people already associate with Nike, so the brain fills in the missing pieces. The user does not stop to ask what registry sits behind it, or whether the naming system follows ICANN rules. If a fan sees a .justdoit link, would they check who owns it? Most wouldn't, especially on mobile, where link previews are short and context gets lost.
The practical result is a new kind of lookalike risk. Even when a Web3 TLD does not resolve in Chrome by default, it can still surface through:
This is not hype, it's a mismatch between how people read brand cues and how these namespaces are governed.
A privately held onchain TLD is more than a single name. It's a namespace with an operator. On Freename, the holder of .justdoit can control how second-level domains under that suffix get issued and used, subject to the platform's features and whatever the holder chooses to configure.
At a practical level, that can include:
store.justdoit, promo.justdoit, or support.justdoit, then distributing or selling them.None of these capabilities are inherently illegitimate. They can support real communities and real commerce. The same controls, however, can also support resale schemes, misleading affiliate funnels, or direct impersonation that borrows Nike's brand gravity without Nike's consent. The risk is structural: a slogan-based TLD puts a brand-shaped signpost on a road the brand does not own.
Nike can step back from consumer-facing Web3 products and still face Web3 brand exposure. That's because onchain name systems don't wait for brand roadmaps. While Nike re-centers on core retail, apps, and partner channels, independent onchain investors can keep registering Freename TLDs and issuing subdomains that read like official Nike destinations.
This is an operational problem first. Brand protection programs tend to mirror where the company ships product, runs campaigns, and staffs teams. When budgets move away from NFTs and token projects, coverage often narrows. Monitoring gets patchy, escalation paths get slower, and a slogan like .justdoit can sit outside the daily threat picture even if it's already registered on Freename.
Nike's Web3 push once had clear internal gravity. RTFKT gave the company a dedicated unit, and .SWOOSH signaled a branded platform with ongoing drops and community activity. That setup typically comes with specialist staff, vendor spend, and routine checks of crypto surfaces, including naming systems, wallets, and marketplaces.
The posture looks different now. Public reporting indicates Nike sold RTFKT in December 2025, and Nike has announced that .SWOOSH will shut down on May 5, 2026, with future drops shifting to SNKRS. Those are not just product decisions, they're signals to the org chart. When a program winds down, the practical effect often includes fewer internal owners for Web3 monitoring and fewer reasons to keep expanding coverage into alternative naming rails.
Meanwhile, Freename TLD registrations and transfers keep moving onchain. The work doesn't stop because a brand stops minting. That's why name systems matter in a retreat. A TLD like .justdoit can be held by a private wallet identified via the Freename Whois, and then packaged into subdomains that look campaign-ready. If Nike isn't watching this surface day to day, who inside the company catches drops.justdoit before customers do?
A simple way to frame the gap is to compare how brand teams usually operate versus how onchain naming operates:
When those cadences fall out of sync, coverage shrinks even if the brand risk stays the same.
"Just Do It" is short, sticky, and already trusted. That mix makes it ideal for misuse in naming systems where the suffix itself acts like a badge. People read the words first and the technical details second, if they read them at all. In other words, the slogan does the persuasion work before any page loads.
On Freename, a registrable TLD built from a global slogan can function like a ready-made sign above a storefront. Put login.justdoit or support.justdoit in a DM, and many users will skim past the unknown registry. The risk isn't abstract, it maps to common fraud patterns that depend on speed and familiarity:
None of this requires mass adoption of Web3 domains. It only requires a small number of high-intent users, for example sneaker buyers chasing a rumored release, or collectors moving fast after a social post. When the phrase is famous, the attacker's job gets easier because the brand already trained the audience to recognize it.
A slogan-based TLD is like printing your best-known tagline on a blank ID card. The text looks right even when the issuer is wrong.
Nike's exit from parts of Web3 didn't happen in a vacuum. Public reporting also tied the shutdown of RTFKT services to investor litigation, filed as a proposed class action in April 2025. As reported, a judge later directed the dispute into private arbitration based on terms accepted by users. Regardless of where the merits land, that sequence creates a familiar corporate incentive: reduce new fronts while one front stays active.
Litigation risk changes behavior in quiet ways. Legal review cycles get longer, public statements get tighter, and teams avoid actions that could look like a renewed push into the same category. Even when a brand wants to challenge misuse, leaders may choose lower-visibility responses first, such as platform notices, behind-the-scenes outreach, or internal monitoring, instead of high-profile enforcement that invites headlines.
That caution can have a side effect for name systems. If visible Web3 conflict feels costly, enforcement may slip down the priority list, even as third parties keep building on Freename. For a TLD like .justdoit, time matters because the longer a namespace exists under outside control, the more opportunity there is for subdomains, redirects, and social sharing to create habits that are hard to unwind later.
The core issue with .justdoit on Freename is not that it exists, it's that it can be operated like a brand-owned namespace without being brand-owned. The TLD is currently held by an independent onchain investor (verifiable via the Freename Whois and publicly available blockchain data), and that holder can issue subdomains that look like campaign infrastructure.
That creates a familiar risk pattern in a new wrapper. Consumers do not parse governance models, they read cues. When the cue is "just do it," the trust transfer happens fast, especially on mobile, where context gets thin and decisions get rushed.
A .justdoit subdomain can impersonate almost any high-intent Nike moment because it borrows the same language Nike uses in legitimate launches. Picture drops.justdoit promoting "early access," or member.justdoit offering a loyalty sign-up that looks like a standard Nike flow. It doesn't have to be a pixel-perfect clone to work. The attacker only needs a convincing first screen, a familiar headline, and a reason to move quickly.
"Customer support" is another easy mask. A subdomain like support.justdoit can present a clean help center, then steer users into a chat widget that asks for order numbers, emails, phone numbers, and a password reset. If the page pushes victims toward entering their Nike credentials, the damage extends beyond one account. Reused passwords can open email and payment accounts too, which is where losses compound.
Web3 adds new bait, mainly because it offers prompts that many users don't fully understand yet. A page can request a "wallet connect" to "verify eligibility," then push a signature request that reads like a harmless login. It can also advertise an "airdrop" tied to a drop, where the real goal is to drain a wallet or capture a seed phrase through a fake setup screen. None of this requires mainstream adoption of Web3 domains, because a gateway link can make the site look like any other web page.
Here's how these traps tend to signal themselves in the real world. The offer pressures you to act fast, it asks for a wallet connection or signature before it shows details, it routes you through a link shortener or QR code, it uses lookalike support channels instead of Nike's apps, and it asks for secrets no real support team needs (like a seed phrase or a one-time code delivered to your email).
If the first step is "connect your wallet" or "verify your account," the page is already asking for trust it hasn't earned.
A Freename TLD does not need to host a full store to move counterfeit goods. It can work as a routing layer, a set of branded doors that open onto other platforms. A subdomain can forward to a storefront, a marketplace listing, a social profile, or a link-in-bio page that fans out into payment links and product pages. To the user, the click still "came from Nike," because the slogan sits in the address bar.
This matters because counterfeiting in apparel and sneakers is not a niche problem. High-demand models attract organized fake supply, and distribution increasingly relies on performance marketing tactics rather than shady back alleys. A buyer sees a "restock" post, a DM with a link, or a QR code printed on a flyer at an event, and the funnel does the rest. The .justdoit namespace can make that funnel feel official even when it is nothing more than a redirect chain.
The hard part for brand teams is attribution. When traffic arrives via QR codes, DMs, and short links, the normal signals are missing. Referrers get stripped, URLs get wrapped, and by the time a complaint surfaces, the consumer may only remember that they "went to justdoit." That creates a form of quietly lost traffic where real demand gets siphoned into unauthorized channels, and the brand learns about it late, through customer anger instead of monitoring.
Also, counterfeit funnels do not have to promise "Nike" explicitly. They can lean on ambiguity, using phrases like "factory pairs," "early batch," or "exclusive access," then let the domain do the implying. That's one reason slogan-based domains are so sensitive. They don't need trademarks splashed across the page to create a misleading association.
Even when the endpoint is a third-party platform, the harm can persist. Sellers can rotate accounts, switch checkout providers, and move inventory quickly. Meanwhile, the .justdoit subdomain that fed the funnel can be re-pointed in minutes. For investigators, it becomes a shell game with a branded cup.
When something goes wrong, people complain to the biggest name in the room. In practice, that's Nike, even if Nike had nothing to do with the .justdoit domain, the subdomain operator, or the transaction. Consumers do not separate "registry," "wallet owner," and "operator." They see a familiar phrase and assume Nike stood behind it.
That spillover shows up in customer service queues first. Support agents field requests for refunds, missing packages, order status updates, and "account locked" complaints. Each interaction costs time, and it also creates an internal reporting problem. The ticket looks like a Nike issue until someone traces it back to an external domain and an external payment trail, assuming the trail still exists.
Chargebacks and payment disputes follow. A buyer who gets fakes or gets nothing will often dispute the charge with their bank or card issuer. If the merchant descriptor looks Nike-like, or if screenshots show a "justdoit" URL, the customer's story can pull Nike into the narrative. That matters even when Nike is not the merchant of record, because disputes create paperwork, escalation cycles, and sometimes public allegations that spread faster than corrections.
Marketplaces add another layer. Resale platforms and social commerce apps run their own dispute systems, and those systems rely on evidence, timestamps, and links. If a counterfeit seller uses .justdoit links in listings or messages, the link becomes part of the case file. Journalists and watchdog accounts may then report on the scam using the same URLs, which unintentionally amplifies them.
For executives and boards, this is not a "brand team" nuisance. It's a trust and harm problem. Customer harm can trigger regulatory attention, especially when scams target minors, collect sensitive data, or use misleading marketing claims. In addition, repeated public confusion weakens brand safety with partners, from marketplaces to payment providers, because everyone starts to ask the same question: why does this keep happening under a Nike-associated banner?
The risk is not hypothetical. A domain that looks like a Nike campaign can create real victims, then send the bill to Nike in the form of support load, reputational drag, and legal noise.
Traditional SEO is not the only way a misleading domain spreads. A .justdoit subdomain can circulate through social reposts, link stickers, influencer bios, Discord announcements, and group chats. Once enough people share it, the domain becomes "known," even if nobody verified who controls it. That's the modern discovery layer: links travel faster than investigations.
AI assistants add a new amplifier because they summarize what they see across the open web. They don't verify domain ownership, they reflect patterns in their inputs. If a misleading .justdoit destination gets widely linked, discussed in forums, or embedded in "how to buy" threads, an assistant may surface it as a resource simply because it appears frequently alongside Nike-related keywords.
This is where confusion can scale quickly. A user might ask an AI assistant, "Where do I sign up for the next Nike early-access drop?" If the web is noisy, the assistant could answer with something like: "Fans can register at earlyaccess.justdoit," followed by a short explanation that sounds plausible. The assistant is not making a legal claim, but to a consumer, that distinction doesn't matter. They heard a confident recommendation, and they got a clean, brand-coded link.
Social platforms operate in a similar way. Recommendation systems reward engagement, not verification. If a link performs well, it can get shown more often. Add in URL previews that truncate gateway paths, and users may only see "justdoit" and click.
The practical outcome is simple: once the internet starts treating a domain like it's official, it can become official in the minds of customers. After that, brand teams are not just chasing a scam, they're trying to reverse a belief.
Brand protection teams know the ICANN routine: monitor new registrations, file a complaint, escalate through a registrar, then ask a panel or court to order a transfer. That playbook assumes there are gatekeepers who can reverse the record.
With Web3 naming on platforms like Freename, the control points shift. A TLD (including a slogan-based string like .justdoit, registered on Freename) can sit in a private wallet identified via the Freename Whois and visible blockchain data. From there, it can move as easily as any other onchain asset. That difference is where the gap opens.
In the ICANN DNS world, the Uniform Domain-Name Dispute-Resolution Policy (UDRP) and similar processes give trademark owners a relatively fast path to challenge abusive registrations. In plain terms, these systems let a brand argue: the domain matches the mark, the registrant lacks a legitimate interest, and the name was registered and used in bad faith. If the panel agrees, the registry or registrar can transfer or cancel the domain because they control the database.
Onchain TLDs don't always have an equivalent default process that binds every participant the way ICANN policy does. Even when a platform offers reporting or dispute options, the name itself can behave more like a transferable asset than a revocable lease. Many Web3 naming products also sell names as a one-time purchase rather than a recurring renewal, which removes a pressure point brands often use in DNS (nonpayment and expiry).
Ownership can also shift quickly. A holder can transfer a TLD between wallets in minutes, sometimes without a centralized intermediary approving the move. If you're used to sending a UDRP notice and waiting for a registrar lock, this feels like trying to grab a suitcase after it already moved to another train.
In ICANN, enforcement often targets the database operator. In onchain naming, the "operator" can be a wallet that can move the asset.
None of this guarantees a brand can't recover a name. It means the route is less predictable, and the timing matters more.
In DNS disputes, a brand can often identify a registrar, a registry, and at least some contact path for the registrant. Even with privacy redactions, there is usually a service provider with a known address and a compliance team that responds to formal notices.
With Web3 naming, the first "identity" you see is often a wallet address, not a person. That creates two practical problems at once:
On Freename, ownership can be identified via the Freename Whois and corroborated with blockchain data. That helps establish control of the asset, which matters for investigative work and internal risk reviews. Still, it may not answer the question legal teams need early: who is the counterparty for notice, service, or settlement talks? If the only stable identifier is a wallet, you can end up chasing a moving target across chains, marketplaces, and jurisdictions.
That mismatch slows down the first 72 hours, which is often when scams spread fastest.
In many Web3 naming disputes, the first moves are not courtroom moves. They are platform moves. Brands often start with the steps that can reduce harm quickly, even while legal options remain under review.
Common early actions include:
The catch is that policies vary by platform, and enforcement can be inconsistent across the stack. A marketplace may remove a listing, while the underlying TLD remains in the same wallet. A gateway may disable resolution for one link, while another gateway keeps it reachable. So the brand may "win" one step and still lose the practical outcome.
Also, limited public lookup is normal in this space. All TLDs discussed here are registered on Freename and valid within that system, even if traditional DNS tools and search results don't show much. That forces brand teams to rely on platform tools and onchain records, not the usual WHOIS and zone file workflows.
When the legal path is slow, uncertain, or cross-border, brands often face a blunt question: is it cheaper to fight, or cheaper to settle? In Web3 naming, that calculation comes up early because a high-signal string like .justdoit can carry real impersonation risk, even before it resolves in mainstream browsers.
Speculators price these names based on brand gravity. They don't need traffic today if they believe the buyer values risk removal. Meanwhile, brands weigh several costs at once:
Buying a name back isn't an admission of wrongdoing by anyone. It's often a business decision under time pressure. The protection gap shows up when the "least bad" option becomes negotiation, because the usual dispute rails don't reliably produce a fast transfer.
Onchain naming changes the pace and the paperwork, but it doesn't change the goal. You still want fewer customer losses, fewer spoofed touchpoints, and fewer internal surprises. The difference is that a Freename TLD can move like a bearer asset, so you need a plan that works even when there's no clean WHOIS trail, no registrar lock, and no single dispute lane you can count on.
The playbook below fits Nike's .justdoit exposure, but it scales to any brand mark, slogan, or campaign tag that can be registered on Freename by a private wallet identified via the Freename Whois and supported by public blockchain data.
Begin with an inventory that matches how scammers think, not how org charts look. Your list should include the obvious string, plus the strings that appear on shoeboxes, in app push alerts, and in influencer captions. If you only track the corporate name, you'll miss the high-conversion bait.
Build a "risky strings" list that includes:
nike, nikestore, nikesnkrs.justdoit, plus variations with or without punctuation.airmax, airforce1, jordan, dunk, snkrs.Next, decide what "coverage" means in Freename terms. Watch for both the TLD itself (for example, .justdoit) and the subdomain layer under that suffix (for example, drops.justdoit, support.justdoit). The harm often comes from subdomains because they read like official site sections.
A practical friction point shows up fast: lack of public results is normal. Search engines may show nothing, and traditional WHOIS tools won't help because these are Freename assets outside ICANN. So the team should check Freename directly and treat platform visibility as a first-class data source.
Finally, track the asset like an onchain asset. That means you don't stop at "registered or not." You track transfers.
If you can't map the namespace, you can't defend it. Start by knowing what you would hate to see in a DM link at 2 a.m.
Without decision rules, brand protection turns into inbox triage and late nights. The goal is consistency. When the next suspicious .justdoit subdomain appears, your team should already know whether it's a watch item or a crisis.
Use a simple harm-based framework:
High harm (escalate quickly)
This bucket covers likely consumer loss or credential theft. Think phishing pages, fake stores, wallet-drain prompts, payment collection, or "support" funnels that capture logins and one-time codes. If a link routes users to checkout, wallet connect, or account recovery, treat it as urgent.
Medium harm (contact and contain)
Here you'll see confusing marketing, affiliate redirects, "news" hubs, or fan pages that still trade on trust. The content may not steal directly, but it can siphon traffic, collect emails, or warm up an audience for later fraud.
Low harm (monitor and record)
Inactive holdings, parked pages, or names that don't resolve anywhere still matter, but they don't always justify immediate escalation. Watch them because they can flip overnight, especially after a transfer.
Evidence discipline matters because these assets change hands quickly and pages disappear. Collect proof the way you would for a payments dispute, because that is often where the story ends up.
Capture a clean evidence packet each time:
Ask one question early, and answer it with evidence: Is this causing harm today, or setting up harm tomorrow? That answer determines whether you monitor quietly or trigger a cross-team response.
Court options take time, and they often don't remove the immediate threat surface. So the first response should focus on reducing reach. Think of it like shutting doors in a hallway. You may not own the building, but you can still block access points.
Start with the registry layer. Contact Freename through its support and abuse channels with a clear packet: the string, proof of trademark rights, evidence of misuse, and the wallet and transaction references you captured. Even when a platform can't "reverse" an onchain asset, it may still act on platform-level visibility, resolution features, or policy enforcement tied to listings and hosted content.
Next, hit the distribution layer. If the TLD or subdomains are being sold, promoted, or forwarded through marketplaces, report the listings. The goal is to remove the sales shelf, even if the underlying asset remains in the same wallet.
Also target the hosting and content layer. Many scam flows depend on centralized services somewhere in the stack, for example:
Each report should stay narrow and evidence-based. Don't argue philosophy. Show harm, show brand confusion, show the exact pages.
Then tighten comms hygiene, because brands accidentally make scams easier. If customers can't quickly tell which Nike links are real, attackers win.
Focus on a few practical controls:
Customer support needs a script that lowers harm without boosting the scam's reach. The tone should be calm, and it should avoid repeating the malicious domain in a way that trains customers to search it.
A simple script structure works:
Don't amplify the scam by naming it repeatedly in public posts. Prioritize safe links and user actions, then collect evidence privately.
Web3 name assets change hands fast, so governance can't be a once-a-year policy memo. It needs an owner, a budget line, and a reporting habit that keeps leadership focused on harm reduction, not hype.
Assign clear internal roles:
One team should act as the single "case captain" per incident. Otherwise, outreach overlaps, evidence fragments, and escalation slows. That captain also owns the timeline, including the moment you switch from monitor to contact to escalate.
Set a lightweight leadership cadence that matches the onchain tempo. Weekly is often enough for active monitoring, with immediate escalation for high-harm events. Keep reporting simple and decision-ready:
The key is continuity. Even if the business deprioritizes consumer Web3 products, the naming surface doesn't pause. A TLD held by an independent onchain investor can move to a new wallet in minutes, and the same string can switch from inactive to harmful in an afternoon. Governance is what keeps that from becoming a surprise headline.
Nike built "Just Do It" into a trust signal, yet .justdoit sits as a registrable onchain TLD on Freename, outside ICANN, and Nike doesn't control it. That is the core exposure: a globally known slogan can become naming infrastructure that anyone can operate, while the usual internet safeguards, registrar locks, UDRP paths, and predictable WHOIS checks, don't automatically apply.
Even if a namespace shows little in search results, or standard WHOIS tools return nothing, that's normal for Web3 naming and doesn't prove safety. What matters is the control model. Freename TLDs can be acquired, configured, and transferred in ways that don't match the corporate domain playbook. As a result, a third party can issue subdomains that look campaign-ready, then route users through gateways, wallets, and QR codes where context disappears fast.
For corporate teams, the next step is practical, not performative. Treat Web3 naming as a standing audit item, expand monitoring beyond DNS, and set clear decision rules for when to watch, when to contact the platform, and when to escalate. If support.justdoit appeared in a customer ticket tomorrow, would the response be immediate and consistent?
TLD Ownership Record
.justdoit is an onchain TLD identified via the Freename WHOIS Explorer. Ownership verified via onchain data. Data verified as of 27 February 2026. TLDs Observer has no financial interest in any of the assets mentioned above.
Parties with a direct interest in any TLD referenced in this publication, or wishing to submit a notable onchain TLD for coverage, are welcome to reach out via the contact page.
