[Intermernet]

Not wanting to point fingers or start conspiracy theories, but what guarantee is there that GoDaddy didn't squat this domain? They had an employee act as "broker", and it seems there was little information about the original owner revealed.

I ask because, years ago, I had a few friends tell me that they searched a domain name on a few registrars, found them available, then upon trying to buy them found that they were already registered. They suspected foul play on the part of the registrar.

I own a few domains, and haven't come across this, but I'd like to know the current state of affairs. Is this a thing? Are there protections in place to prevent this? How do you avoid this? Is domain squatting still the wild-west?

[someotherperson]

It's called domain name front running. GoDaddy in particular has been accused of this in the past here on HN and have responded to it[0].

Use a trustworthy registrar when you can, avoid GoDaddy or Namecheap.

[0] https://news.ycombinator.com/item?id=24506303

[mystcb]

Hopefully some additional links too, to show how it evolved from Domain Name Front Running[0]. Moved into Domain tasting (which things like Domain Kitting is related to) [1].

There are posts all the way back to 2011[2] and probably further showing GoDaddy doing this for some time, and even I spotted it when using Network Solutions back in the day [3].

ICANN introduced charges (from the Wiki article) to try and reduce the Domain Tasting element, so I a guessing it is better now), but I (my personal opinion) think that it is still out there, just not as obvious as it once was!

[0] https://en.wikipedia.org/wiki/Domain_name_front_running

[1] https://en.wikipedia.org/wiki/Domain_tasting

[2] https://news.ycombinator.com/item?id=2326790

[3] https://news.ycombinator.com/item?id=22005265

[unmole]

Is there any anecdotal evidence that Namecheap does this?

[nicoburns]

I'd add my anecdotal evidence that namecheap doesn't do this. I've searched quite a few domains on namecheap and then bought them months later without issue. I have had this issue (although of course it's impossible to know for sure who's registered the domain) with GoDaddy and Gandi.

[asah]

Second this: recently, a startup of mine let summer domains lapse and bought them back for the same price, when NC could've easily squatted them.

[tboerstad]

What is wrong with Namecheap?

[someotherperson]

It's a criminal outfit masquerading as a domain registrar. They go out of their way to protect blackhats using their services, refusing to adhere to their ICANN requirements of blocking users or domains registered through Namecheap that carry out major scale phishing and fraud. So much so that, with blackhats, it's the domain registrar of choice. Stolen credit card? No problem. SMS scams? Sounds good!

Do a WHOIS the next time you come across a phishing website or receive an SMS with an odd link. And then disappoint yourself with the complete lack of care when trying to report it to Namecheap's support.

Their CTO or whoever considers this form of enabling crime to be 'free speech' or suggesting registrars shouldn't 'police' or something equally as stupid when it was raised on HN a few times.

[nojs]

As a non criminal, this is a major selling point for me. I for one do not want to lose my entire business because I offended someone or failed to moderate a comment or whatever. And it’s smart business for them too - stay out of the censorship game as long as you can, because you can never win.

[someotherperson]

Yes of course until the CEO popped up and unilaterally banned all of Russia[0]. Or when they banned a crypto related domain on a single tweet[1] then unbanned it when people said WTF [2].

Blocking actual exploitative malware is a legal obligation, not "censorship." If they had a TOS that says "do whatever you want" then sure, but in this case they're just violating their TOS too.

[0] https://news.ycombinator.com/item?id=30504812

[1] https://twitter.com/Namecheap/status/1489485337885921284

[2] https://twitter.com/Namecheap/status/1489504958596714499

[0des]

You realize a lot of their staff is pretty much next door to that conflict geographically right?

[ghusto]

> ... It's a criminal outfit ...

Refusing to police does not mean "they go out of their way to protect blackhats", it means they sell domains and know their place.

[someotherperson]

Refusing to adhere to your TOS, ICANN guidelines and legal obligations by turning a blind eye to international crime rings isn't knowing your place, it's exploitation and has horrible ethics regardless of how it can be perceived.

Knowingly taking money from criminals, likely stolen, is almost certainly a criminal offence.

[ghusto]

I'm sure if you were to provide them with evidence of your allegations they would take actions appropriate to their obligations. What you want them to do is that work _for_ you, which they are not obliged to do, as far as I know.

[0des]

Just because they don't immediately cancel people you have issue with doesn't make them a criminal org. You should check out about libel because this is getting close.

[0des]

Sounds like added value to me

[sen]

GoDaddy absolutely squats recent searches. So so many other registrars. It’s been like that for many years now and has been proven time and time again.

The only registrar I trust currently is Namecheap. They’re not perfect but they don’t do any major dark patterns.

[asah]

I'm assuming Google doesn't squat.

[asah]

a bit more color: it's not that Google "wouldn't" necessarily squat (I don't know), it's just that they reserve "aggressive monetization practices" like this for 100x larger businesses, like search and commerce ads, maps, gsuite, GCP, etc.

[dotancohen]

This used to be widespread. The registrar can reserve the name for up to 48 hours IIRC without itself having to pay.

Godaddy in particular would justify the behaviour by "ensuring that nobody would snatch the names that it already said you could register". Of course, it was always obvious that this was to prevent you from registering them with someone else.

[cersa8]

Ah,this explains a recent email I got where the company claimed a third party was trying to register mycompany.net (different tld) and gave me a short time window to register it myself for an additional fee.

[Mutjake]

If I’m checking if a domain is free, I usually use ”nslookup example.com” or ”dig example.com” — if they return NXDOMAIN, it is not reserved yet. I haven’t had an issue at least with namecheap when registering them, granted the domains I have booked have not been anything super special, so YMMV.

[tqkxzugoaupvwqr]

Happened to me when I checked availability of a domain via Uniregistry (now part of GoDaddy). Domain was available, a few days later when I decided to buy it it was suddenly a registered premium name costing over $2000.

[andrewstuart]

This absolutely happens.

If I can find the time I plan to write some code to gather enough evidence to make a substantial case to prove registrars doing it.

It's happened multiple times to me with one particular registrar.