
I bought netflix.soy - stokesyio
https://tinyprojects.dev/posts/i_bought_netflix_dot_soy
======
amelius
A Google domain name is lying on the ground. An IT guy walks past it. A friend
asks: "Didn't you see the Google domain name there?" The IT guy replies: "I
thought I saw something, but I must've imagined it. If there had been a Google
domain on the ground, someone would've picked it up."

~~~
gpanders
For anyone unfamiliar, this is a clever riff on a classic economics joke about
the Efficient Market Hypothesis [1].

"Two economists are walking down the street and one of them notices what
appears to be a $20 bill (or a $100 bill—the monetary amounts vary) on the
sidewalk. “It’s not a real $20 bill,” the other economist declares. “If it
were a real $20 bill, someone would have picked it up off the sidewalk
already.”

[1]:
[https://www.barrypopik.com/index.php/new_york_city/entry/if_...](https://www.barrypopik.com/index.php/new_york_city/entry/if_it_were_a_real_20_bill/)

~~~
quickthrower2
Except the $20 bill in this case is a $-10 bill (or whatever the domain name
costs), as there is no profit to be made by registering a top company's
trademark as a domain name.

~~~
koheripbal
While it is an unwinnable case, there is a positive dollar amount to settling
out of court.

~~~
benatkin
Especially if you have a cute story like the MikeRoweSoft guy did.

~~~
SilasX
I think Nissan.com is more illustrative -- it was a guy named Nissan[1] who
had an actual computer business in his name and got to keep it away from
Nissan Motors, but now his site has a lot more to do bragging about his fight
with the motor company than actual computer stuff.

[1] Hebrew/Israeli name usually transliterated as "Nisan"

~~~
ksec
Interesting, why doesn't Nissan motor just paid more money say a million for
it?

Surely they can afford it.

~~~
andiamo
Took a quick look at the case. I'm guessing some corp lawyer, maybe even
general counsel, didn't have enough "real work" to do and needed to make a
name for himself. Then it became a giant d __* measuring contest.

Source: Went to law school. Never practiced though.

------
saagarjha
Interestingly, I recently saw a couple a couple of google.* domains available
on Google Domains, including some reasonable-sounding ones: IIRC, google.tech
(edit: google.page), google.business, and google.camp. Tried to purchase them
but they instantly became unavailable the moment I tried to do so. The cynic
in me thinks that Google has a special check for those and renews it
themselves if someone tries…

More generally, however: all these TLDs are kind of stupid, and trying to make
sure you own every single TLD for your business is similar to a protection
racket where you have to pay just so something bad doesn't happen to you.
Perhaps we should stop trying to make a billion of them.

~~~
dheera
Even better yet, it would be interesting if we just abandoned TLDs. There is
no reason why [http://google/](http://google/) can't work, really, with a
bunch of infrastructure changes.

~~~
tylerhou
Infrastructure changes aren't even needed; Google already owns the .google
TLD. All they would need to do is attach an A record to the root.

~~~
CydeWeys
ICANN doesn't allow A records on the DNS root on gTLDs. If they did, we
already would've.

~~~
moonchild
[http://cm./](http://cm./) used to resolve

~~~
Macha
[https://news.ycombinator.com/item?id=974111](https://news.ycombinator.com/item?id=974111)

[http://to./](http://to./) used to be a URL shortener.

Either the rules on ccTLDs are different, or it's a recentish crackdown.

~~~
sleevi
There are no rules for ccTLDs, which their countries like to claim as
sovereign property (see [https://meetings.icann.org/en/dublin54/schedule/wed-
ccnso-me...](https://meetings.icann.org/en/dublin54/schedule/wed-ccnso-
members/presentation-sovereignty-property-rights-21oct15-en.pdf) and
[https://gac.icann.org/principles-and-
guidelines/public/princ...](https://gac.icann.org/principles-and-
guidelines/public/principles-cctlds.pdf) for some of the views)

Some ccTLDS voluntarily agree to abide by the same rules and operational
requirements as the gTLDs -
[https://www.icann.org/resources/pages/cctld-2012-02-25-en](https://www.icann.org/resources/pages/cctld-2012-02-25-en)
has more details.

This means, for example, than ccTLDs aren’t bound by the findings from SAC053
at
[https://www.icann.org/en/system/files/files/sac-053-en.pdf](https://www.icann.org/en/system/files/files/sac-053-en.pdf)
which have been included in the gTLD contracts.

------
qwertox
> google.com in Hebrew! And I could actually buy it. It bloody worked.

In a couple of weeks the follow-up "Google cancelled my Gmail account and
won't tell me why"

~~~
bioipbiop
Was driving to my local park when Android Auto directed me down a dark alley
whereupon I was beaten by some hired goons.

------
wrycoder
One winter day, my wife looked down the coast and noticed that the bell buoy
that marked the entrance to Plum Island Sound was lying on the beach. This
thing is enormous, about 30 ft long. We drove down and walked around it with
some other curious people. Took some pictures.

She thought that we ought to report it. I told her that many people would
already have done that. A couple of days went by and there didn’t seem to be
any action.

So we finally called the Coast Guard. They said, “Wow, we didn’t know that,
thanks very much!”

~~~
sneak
The validity of this effect has been called into question, but for a long
time, this was the "standard response" to situations like this:

[https://en.wikipedia.org/wiki/Bystander_effect](https://en.wikipedia.org/wiki/Bystander_effect)

~~~
BolexNOLA
Yeah the Kitty Genovese (sp) story is an example right? Wasn’t that proven to
be a myth or something?

~~~
DagAgren
Yes, just like Stockholm Syndrome, it was made up to cover up a bungled police
response. Neither one is a real thing.

~~~
ohashi
Source?
[https://en.wikipedia.org/wiki/Stockholm_syndrome#FBI_Law_Enf...](https://en.wikipedia.org/wiki/Stockholm_syndrome#FBI_Law_Enforcement_Bulletin_\(1999\))
says it's rare but FBI seems to be saying it is a real thing.

~~~
DagAgren
FBI isn't exactly a trustworthy source of psychology. Psychologists and the
DSM do not recognise it as a real thing.

Here is the backstory of how it was created:
[https://twitter.com/sezmohammed/status/1252500993972948992](https://twitter.com/sezmohammed/status/1252500993972948992)

------
dopylitty
There's a terrible enterprise security product that can be configured by IT to
quasi-MITM your company web traffic. Instead of relying on enterprises pushing
their own trusted root certs and MITMing the whole session this terrible
product redirects all traffic to (and I'm not kidding here) urls like
"www.terriblesecuritycompanyname.com/www.originalurl.com" when the user
accesses www.originalurl.com.

So this "enterprise security" company encourages end users to put information
such as passwords into www.terriblesecuritycompanyname.com/owa.office365.com
for example. Of course everyone has SSO enabled for Office 365 but everyone is
also used to SSO sometimes breaking and falling back to forms based auth so
people have no issue typing their passwords into any page that looks somewhat
legit as long as the URL is close to what they expect and has a little lock
next to it.

Anyway www.turriblesecuritycompanyname.com is available and I'm waiting for
someone nefarious to purchase it and start sending phishing emails with links
to www.turriblesecuritycompany.com/owa.office365.com embedded in them.

~~~
ganstyles
It depends on which ethical framework you subscribe to, but if I were in your
shoes using my ethical framework, it seems like the small cost to me to
purchasing an available domain (making the assumption here it's a standard buy
and it's not one of those "make an offer for $10k" domains...) to mitigate a
lot of potential hurt to other people would make me lean toward just
purchasing the domain myself, or at least making the correct people aware. An
equally valid counterexample would be a framework where you didn't cause the
harm, so you have no obligation to intervene.

~~~
jjeaff
Your ethical framework in this case could clash with the arguably broken legal
framework that we currently live in.

Buying a domain like that could get you into legal trouble once it is found
out and people track sensitive traffic funneling to the domain. Even if you
aren't doing anything with the information.

~~~
dopylitty
This, exactly.

One thing I've learned about "infosec" companies is that their litigiousness
is inversely proportional to their actual level of security.

The similar domains I've seen are only $9 though so it's just a matter of
time.

------
DangerousPie
I don't really agree with the premise of this post. Why _should_ Netflix or
Google have to buy a domain for every stupid gTLD that someone paid a few
$100k to create? The author makes it sound like that's somehow an oversight on
their part.

If anything, it's sad that they ended up having to own so many gTLDs just to
prevent abuse.

~~~
ryanwaggoner
I think that’s what he’s saying: that this system of hundreds of TLDs means
that companies can easily miss one and that becomes a vector for phishing,
etc. It sounded like he was blaming ICANN, not Netflix or Google.

------
yarinr
I'm from Israel, and this is the first time I've heard about the .קום tld.
I've never seen any website that uses it.

The author mentioned that creating a new tld costs a minimum of 185k USD. This
makes me wonder who would pay this kind of money for this completely useless
tld.

~~~
tialaramex
If they managed it for only $185k I'm impressed, maybe if you did several on
the same infrastructure.

It's a gold mine offering. There was a long queue of people quite sure that
.binglebongle would be the new .com. Sometimes it was a marginally less stupid
plan, like we can be a regional alternative - and Russia even has one that's
actually making money - it isn't taking over the world, but it's Cyrillic and
was never intended to. But most gold mines never produce gold, they just suck
up people's money and dreams and spit out the bones.

The obscure brand TLDs are funnier. Not brands you've heard of like google,
brands who are their own tiny corner of the non-IT world and figured they
ought to have a TLD, so now they do to the tune of maybe six figures a year.

The Kerry Group for example owns several, as do some US financial outfits.
Why? Because nobody who knew this was a stupid idea was in the room when it
got decided.

~~~
snazz
> The obscure brand TLDs are funnier. Not brands you've heard of like google,
> brands who are their own tiny corner of the non-IT world and figured they
> ought to have a TLD, so now they do to the tune of maybe six figures a year.

While everyone here has certainly heard of Softbank, I find it amusing that
they have their own TLD too (with sites like
[https://group.softbank/](https://group.softbank/)).

~~~
r3dk1ng
> everyone here has certainly heard of softbank

not until your comment had I heard of "softbank"

------
smitop
If these companies notice, they can file a UDRP
([https://en.wikipedia.org/wiki/Uniform_Domain-Name_Dispute-
Re...](https://en.wikipedia.org/wiki/Uniform_Domain-Name_Dispute-
Resolution_Policy)) request, on the basis that the domains infringe their
trademarks, and were registered and used in "bad faith".

~~~
gruez
>and were registered and used in "bad faith".

How were they registered in bad faith? He's not extorting money from netfilx,
nor is he trying to deceive people into thinking he's neflix.

~~~
CydeWeys
UDRP typically rules in favor of the holder of the unambiguous trademark in
these kinds of cases. As an example, "Exxon Mobil" refers unambiguously to a
single entity only, and has no other possible uses, so anyone registering
exxonmobil.{anything} would lose if the company came after them. No one else
has any right to that trademark, and ICANN enforces trademark rights on
domains.

If the trademark already existed when you bought the domain, and especially if
it's widely used and ambiguous, you're gonna lose that domain if the company
comes after you.

Contrast this with the case of, e.g., McDonald, which is a widely used surname
that predates the existence of the trademark. So long as you specifically
aren't trying to cause confusion with the McDonalds restaurant trademark, you
_can_ use "mcdonalds" in a domain name.

~~~
colejohnson66
What about .sucks? Couldn’t one claim free speech?
[https://www.forbes.com/sites/rogerkay/2015/06/29/saga-of-
suc...](https://www.forbes.com/sites/rogerkay/2015/06/29/saga-of-sucks-domain-
generates-laughter-agony/)

~~~
kevindong
Free speech is a right issued by governments to the people.

It is not a valid concept between two private parties.

[https://money.cnn.com/2017/08/08/technology/google-
workplace...](https://money.cnn.com/2017/08/08/technology/google-workplace-
free-speech/index.html)

~~~
boomlinde
Yes, but the argument GP responded to was that "ICANN enforces trademark
rights on domains" and that "If the trademark already existed when you bought
the domain, and especially if it's widely used and ambiguous, you're gonna
lose that domain if the company comes after you."

He argues that the practice has its basis in trademark laws. If it is so,
nominative use of a trademark to e.g. criticize a product is considered fair
use and shouldn't be ruled out by ICANN on that basis. It either wouldn't be,
or ICANN have some other basis than trademark law for their rulings.

So GP's point raises an interesting question. If you had registered e.g.
"google.sucks" or something similar in which the FQDN arguably forms a valid
nominative use in itself in good faith to use that domain to criticize
Google's business decisions and products, does ICANN have some other policy
outside respecting trademark law that would compel them to take the name back
and give it to Google?

The answer to that question isn't "Free speech is a right issued by
governments to the people". That's a pointless non sequitur at best, and I'm
frankly tired of hearing it used in defense of huge monopolies that are well
deserved of scrutiny in the interest of defending freedom of expression.

~~~
kevindong
I agree in that perhaps entities with a public platform (in this case,
literally the internet domain) should be compelled to provide reasonably equal
access/equal speech rights to everybody.

However, the law is not in that rationale's favor. US courts have repeatedly
rejected the argument that private companies are state actors subject to the
1st Amendment [0].

The reality is that the internet is governed almost entirely by private
companies.

[https://crsreports.congress.gov/product/pdf/R/R45650](https://crsreports.congress.gov/product/pdf/R/R45650)

~~~
boomlinde
_> I agree in that perhaps entities with a public platform (in this case,
literally the internet domain) should be compelled to provide reasonably equal
access/equal speech rights to everybody._

Agree with who? I said that _I 'm tired of seeing the defense_, especially
when it's in response to a concrete question that it doesn't answer. You
apparently disagree with that entirely. I'm not tired of the defense because I
don't understand it, I'm tired of it because I _do_ understand it and don't
need constant reminders of it to derail legitimate discussions of how ICANN
deals with possibly trademark infringing uses of their services.

I don't know what makes you believe that I don't understand that and keep
posting links irrelevant to how ICANN deals with these cases, which again is
the question being asked. I'm frankly not sure how I didn't make that clear in
my last reply.

------
cooper12
The whole framework arounds TLDs is very strange to me. One one hand, opening
up all these gTLDs was supposed to alleviate problems with domain parking and
name clashes (e.g. you could disambiguate your .blog from a .pizza
restaurant). But all this did was shift the parking to other domains, some of
which are ludicrously overpriced (anyone remember the .io hype?)

Secondly, regardless of where your site is hosted, you're also bound by the
registrar's laws/restrictions (especially for ccTLDs), which doesn't make
sense for something that is purely a routing mechanism that translates a name
to an IP. It'd be fine if domain names were plentiful, but domain hacks[0]
also make people use TLDs without regard to considering their territory or any
implications.

The whole .org fiasco only proved further that this model with ICANN and for-
profit registrars isn't tenable and a horrible fit for an open distributed
internet. All these perverse incentives and political fuckery should not exist
for something that is an essential part of a worldwide utility.

I'd love if HNers could share any promising alternatives to our current DNS
system.

[0]:
[https://en.wikipedia.org/wiki/Domain_hack](https://en.wikipedia.org/wiki/Domain_hack)

------
otterley
26 years ago:
[https://www.wired.com/1994/10/mcdonalds/](https://www.wired.com/1994/10/mcdonalds/)

------
manifest23
This is the first time in a couple years that I have seen a reference to
myself while reading an article. Thanks for the surprise!

> No. They're welcome to have them back anytime they want. They could probably
> do it pretty forcibly if I refused to budge too (see Microsoft vs.
> MikeRoweSoft).

~~~
coopierez
Do you still have that Xbox?

------
bobbiechen
I was just talking to a friend yesterday about "domain hacks" (where you spell
some word using the TLD) in the context of country-code TLDs. Those raise some
interesting issues for political reasons [1, 2].

For the newer TLDs like .soy, .pizza, .restaurant, etc. I really can't imagine
that these would be adopted quickly. Even to me, these are barely recognized
as URLs at all. And the possibility for domain name confusion really
skyrockets, as demonstrated by the submission.

[1] [https://priceonomics.com/the-rise-and-fall-of-
ly/](https://priceonomics.com/the-rise-and-fall-of-ly/) [2]
[https://www.thewebmaster.com/hosting/2016/feb/27/io-tld-
top-...](https://www.thewebmaster.com/hosting/2016/feb/27/io-tld-top-level-
domain/#1-the-chagossians-do-not-benefit-from-the-io-tld)

------
gridlockd
"Did you know it costs a minimum of $185,000 to create your own domain name
ending? For that kind of money, I think ICANN, the registries and registrar
sites have a massive responsibility to ensure that this never happens."

No they don't.

The same problem exists with subdomains, for example some users may visit
"netflix.trustworthy-sounding-domain.com" and not notice the issue.

Meanwhile, using a weird TLD can raise suspicion even for legitimate sites.
Get a dot com.

~~~
Volundr
netflix.trustworthy-sounding-domain.com isn't really the same though. If I own
netflix.trustworthy-sounding-domain.com, I can create facebook.trustworthy-
sounding-domain.com, google.trustworthy-sounding-domain.com, etc simply by
creating new DNS records. No one but myself is involved, or even know they
exist (unless I put links to them somewhere public).

On the other hand, someone owns and operates .soy, and has to actually approve
new domains getting created. Part of that process could be a step that
automatically screens for scammy looking registrations.

~~~
gridlockd
Let me explain. The problem is that somebody malicious might impersonate
another company through a domain name.

So they send people emails with URLs like "netflix.user-support.com" where
"user-support.com" is owned by the malicious actor. This is extremely common.

I honestly don't see any other problem. How else would you get people to visit
"netflix.soy", if not by the same mechanism? It doesn't matter who controls
which part of the domain, users are either going to notice the odd parts of
the domain, or they are not. The fact that one is a TLD and the other isn't
doesn't really make a difference, at least for uncommon TLDs.

> On the other hand, someone owns and operates .soy, and has to actually
> approve new domains getting created. Part of that process could be a step
> that automatically screens for scammy looking registrations.

Yes, but that wouldn't do anything to solve the problem. It would only make
things more expensive. I honestly don't see the issue with anybody owning
"netflix.soy" unless they're malicious, but in that case owning
"netflix.anything-else.com" would be just as bad, if not worse. Since we can't
really prevent the latter case, preventing the former case is moot.

------
snowwrestler
These sorts of “I found a name collision” blog posts often use the possibility
of phishing to justify their implication of alarm.

I don’t really buy it, though. I mean, I know that phishing is a major
problem, but I don’t buy that this discovery makes the problem of phishing any
worse. There are an infinite number of ways to configure URLs to pass a glance
test, which is the most you’ll get from most users.

------
stepanhruda
> large sum of money

No, they will file a dispute and get them at registration cost, because they
own the trademark.

~~~
popotamonga
Not always, i had for a few years the domain name of a top 10 website we all
know, with a TLD for my country (.pt). I just kept it and did nothing with it
and one day got a €30k offer.

------
fortran77
I used to work for a Big Media Company. They used to scramble to by
BigMediaCompany.<new tld> whenever there was a new tld.

Then one day they stopped. The legal department decided that if someone were
to buy it and use it in a way that infringed on their trademark, it would be
cheaper/easier to sue or file an injunction.

For a while it was an extortion game. A new .tld like ".mobi" or ".music"
would start, and they'd offer the names to fortune 500 trademark holders for
$$$$$.

------
CydeWeys
Registering unambiguous trademark domains falls under the category of "play
stupid games, win stupid prizes".

~~~
RandallBrown
Could anything worse than losing out on the registration fees ever actually
happen?

~~~
CydeWeys
Yes. You might have to deal with the hassle and expense of being sued.

There's all downside and no upside to playing this particular stupid game.

~~~
Volundr
I mean technically, maybe, but it's _extremely_ unlikely that they'd sue
without sending a C&D first. And given the lack of damage even if they did
it'd likely get dismissed quickly with him just giving up the domain.

But... INAL and this is not legal advice.

~~~
CydeWeys
The biggest trouble people get themselves into with this kind of thing is if
they, upon being contacted by the company, ask for money instead of
immediately offering to transfer the domain to them free of charge. At that
point it's trademark cybersquatting and they have your own words in the email
as proof.

Speaking from personal experience here: being on the end of any kind of notice
with the threat of legal force, even if it's not a lawsuit yet, is the kind of
stress you just don't need in your life.

------
chaps
If anybody wants it, I compiled a list of Alexa's top 50 domains and their
available TLDs:

[https://docs.google.com/spreadsheets/d/1VaGA8344-13eGn9D1LAj...](https://docs.google.com/spreadsheets/d/1VaGA8344-13eGn9D1LAjC_xKXrLhAbzQZ2hCh3Agr9w/edit?usp=sharing)

Now with price!

------
half-kh-hacker
I own 인스타그램.닷컴, and (actually!) use it to share photos with my Korean friends.

But, uhh, I would certainly not decline if Facebook were to try to purchase it
to make it reroute to Instagram.

~~~
cmauniada
I really like the landing page. heh.

------
pselbert
There is a service ran by ICANN called the “trademark clearlinghouse”. It is a
subscription service that trademark owners, e.g. Netflix, can use to be
notified of any domain that is registered and may infringe on their trademark.
It even allows for wildcard patterns in ongoing searches.

How do I know this? Because i received a takedown notice regarding a domain I
run to sell background job licenses (oban.dev). The business is entirely
unrelated, but the clearinghouse alerting system still brought it to the
trademark holder’s attention.

~~~
jdsully
Was it from the Oban distillery? Trademark issues aside they make a great
whisky.

~~~
pselbert
Indeed. It was from their parent company. I’m a fan of their scotch, so it’s a
little bitter sweet.

------
RcouF1uZ4gsC
gTLDs are nothing but a money play by ICANN and registrars and really make the
internet a (slightly) more confusing and dangerous place. Within epsilon, all
the money spent by companies on gTLDs is dead weight with no payoff in
increased usability but only to prevent some naive user from being tricked.

The advice I give my non-techie friends is avoid going to any business website
that is not a “.com”

~~~
interestica
> The advice I give my non-techie friends is avoid going to any business
> website that is not a “.com”

You can't actually mean that? Country TLD? (Eg .CA) I'm actually pretty
impressed by how the .CA registry (CIRA) has branded itself in Canada. There's
even a bit more legitimacy for sites because it's clear they're operating in
Canada (or have at least made an effort for Canadian representation).

~~~
Marsymars
Yeah, my default behaviour for any international company is to navigate to
companyname.ca. Even if they don't use TLDs for their regional websites, it
typically redirects to their Canadian site. (e.g. apple.ca redirects to
apple.com/ca, microsoft.ca redirects to microsoft.com/en-ca, ikea.ca redirects
to ikea.com/ca/en, etc.)

------
elliottinvent
There have been some efforts to prevent this kind of thing like the Domains
Protected Marks List [1] which allows a company to block a second level domain
registration which is an exact or partial match of their registered trademark,
at a cost.

In this case, a company can block their trademark being registered in 241 TLDs
administered by Donuts, Inc. Other registries have equivalents but it only
really works for large TLD holders (like Donuts, Minds+Machines etc) where you
can block registrations on dozens or hundreds of TLDs.

1\. [https://donuts.domains/what-we-do/brand-
protection](https://donuts.domains/what-we-do/brand-protection)

------
jb775
I attempted to do this in the past on namecheap for an Amazon domain based out
of some obscure African country (domain was showing as available). The domain
order failed, presumably due to reasons similar to authors Gibraltar example.
I messaged namecheap live-chat support to ask why, and they basically said "we
don't know why it failed, but even if it went through, if Amazon asks us to
transfer ownership to them we'd go ahead and revoke your ownership"...which is
BS kowtowing in my opinion.

------
TimTheTinker
> Did you know it costs a minimum of $185,000 to create your own domain name
> ending?

If I were a blackhat with money, I'd register the ".con" TLD.

... Sure hoping a whitehat gets it first.

~~~
lstamour
At least it would be self-descriptive! :D

~~~
TimTheTinker
Another self-descriptive one would be .orc

------
three_seagrass
>Did you know it costs a minimum of $185,000 to create your own domain name
ending? For that kind of money, I think ICANN, the registries and registrar
sites have a massive responsibility to ensure that this never happens.

Which is why ICANN hasn't approved any new TLDs in years, and has a set of
standards for registries and registrars to follow less they lose their
licensing.

------
waiseristy
Strange that Netflix hasn't drunk the Registry cool-aid and bought their "all-
encompassing" TLD package which registers their trademark across all TLD's for
a special price. On top of that, I'm doubly surprised Google hasn't taken
action and already put this domain on hold in preemption of selling Netflix
one of these deals.

~~~
gruez
>their "all-encompassing" TLD package which registers their trademark across
all TLD's for a special price

That's a thing? What's preventing a predatory registry from being a holdout
and demanding exorbitant prices?

~~~
waiseristy
That is a thing for at least one Registry that I know of (and worked for), I
don't know if Google does the same, but I don't believe there is anything
stopping them (please correct me if I'm wrong).

~~~
CydeWeys
Google does not do the same.

~~~
waiseristy
Which makes me doubly surprised! It was my impression that this product
offering was quite lucrative.

------
Jhsto
The weird-looking symbols also go the other way around: if your language uses
umlauts, you can score very good .com domains. For example, I have the
equivalents to email.org, entrepreneur.com, and hacks.com in my native
language. Some of these domains receive so much type-in traffic that they pay
themselves in ad revenue each year.

------
jamieweb
A somewhat relevant project of mine, where you can test how good you are at
spotting these sort of domains: [https://www.jamieweb.net/apps/lookalike-
domains-test/](https://www.jamieweb.net/apps/lookalike-domains-test/)

------
ipsum2
The netflix.soy image is fantastic.

------
drinkcocacola
My mom is unable to pronounce "Netflix" correctly (Spanish is her mother
language), she always said something like "nesflis". So yeah, years ago I
bought nesflis.com for her.

------
musicale
> There was one left: netflix.soy (if you didn't click the link, soy means "I
> am" in Spanish)

apparently netflix.tofu was already taken (tofu is the infinitive form of the
verb "fu" in TLDish)

------
bambax
> _Truthully, I think its pretty bad that I was able to do this._

It is not. The explosion of TLDs is bad. It's simply a racket. But, Google
supported it. So if they happen to suffer some of the consequences... so be
it.

~~~
fermienrico
Explosions of TLDs is bad!? Why?. It got rid of impossible to buy good
sounding and short names, largely massive multi million dollar companies
holding onto them.

Explosions of TLDs literally has absolutely no downsides besides the security
and phishing implications. It just wiped out the domain mafias and replaced it
with a massive competitive marketplace.

~~~
echelon
Many of the gTLDs charge exorbitant yearly fees for "premium" domains as a
means of recouping costs. I pay $300/yr for {myFirstName}.dev. It's extortion,
and I might drop it.

With many of the common domain suffixes now becoming TLDs, branding seems much
more difficult since you have to buy multiple domains. Is it audiotech.com?
audio.tech? tech.audio? Who knows.

I don't think that I would call this better.

My opinion is that Google wants to erode the open web and is using gTLD
proliferation to make it confusing to consumers. Instead of remembering a URL,
_just Google for it_.

~~~
colejohnson66
> I pay $300/yr for {myFirstName}.dev. It's extortion, and I might drop it.

From where? Google? I just paid $12/yr for a .dev domain on Google Domains.

~~~
echelon
Yes, from Google Domains. Some of their domains are "premium".

Here's an unregistered one. "red.dev" is $720/yr from Google:

[https://domains.google.com/m/registrar/search?searchTerm=red...](https://domains.google.com/m/registrar/search?searchTerm=red.dev)

"god.dev" is cheaper at $180/yr:

[https://domains.google.com/m/registrar/search?searchTerm=god...](https://domains.google.com/m/registrar/search?searchTerm=god.dev)

And, of course asdfasdf.dev is only $12/yr:

[https://domains.google.com/m/registrar/search?searchTerm=asd...](https://domains.google.com/m/registrar/search?searchTerm=asdfasdf.dev)

Most of the {firstname}.dev domains are in the $300/yr range, but it's uneven.
Some names cost more or less than others. I remember seeing one as $1000/yr,
but I can't remember what it was.

I double checked my cost. "$180 plus tax"/yr. From Google.

------
ancarda
Somewhat off-topic, tinyprojects.dev and netflix.soy both have DNSSEC, is this
required for some of the newer TLDs (like how .dev has mandatory HTTPS
preloading)?

Just it's rare to see it in the wild.

~~~
ComputerGuru
Nope. As for .dev, Google controls the tld and the HSTS list baked into
Chrome.

------
catsdanxe
I tried to register a google gtld before but namecheap wouldn't let me. I
believe they have some phishing blacklist that they enforce.

------
Multiplayer
Does anyone aggregate access to all 1500 TLD's? Is there a guide available on
which combination of registrars to use to query them all?

~~~
Ayesh
Not all registries participate in the SRS registry protocol. Some of the
lesser known ccTLDs must be registered by the individual authorities.

It's not accurate to run a DNS query to determine whether the domain is
available because one can own the domain, but decide not to set any DNS
records.

~~~
somehnguy
Wouldn't non-existent domains just return NXDOMAIN?

~~~
Ayesh
Yes, but so do registered domains without DNS records.

------
muliwuli
did the same thing 2 years ago, scanned for available domains of known
companies, bought pornhub.it and made redirect to actual pornhub.com

to my surprise, there were around 200 clicks per day, mostly coming from italy
of course. i didn't want to do anything malicious with it, so in the end i
didn't extend. domain was snatched by someone else as soon as it expired.

------
Giorgi
Fun article, however: ".coms are slowly becoming less relevant" no they don't.
They are becoming more relevant if anything.

------
ck2
They can UDRP it from you in less than a week, but if you were trying to waste
time (and money) guess there are worse things to do.

------
Bayart
As an aside, having your entire blog italicized might look « better » on the
eye but it's incredibly laborious to read.

------
krick
> I actually paid for google.gi (gi for Gibraltar), only to get this email a
> few hours later

They did refund you, I hope?

------
rajacombinator
Those domains can easily be seized by the respective companies, which is a
bigger problem imo.

------
zelly
If they wanted to, they could take it from you because they own the trademark.

------
nicoburns
apple.beer is actually a pretty good domain name for a cider company. Not
technically accurate of course, but pretty good from a marketing perspective.

------
symlinkk
Fuck ICANN for pimping out the internet to make a quick buck. We need to
replace them with an organization that is truly neutral and not for profit.

~~~
moonchild
[https://www.opennic.org/](https://www.opennic.org/)

------
david-cako
Haha, I love the drawings.

------
fareesh
I wonder if there is any SEO magic to having those domains. Might be
worthwhile to test it out?

------
einpoklum
Soylent flix is people!

------
ieScHbOR
I bought space.sex

------
intpbro
“I was just a soy boy”

------
spondyl
One of my favourite shortcut domains is [http://aws.moe](http://aws.moe)

------
brianswichkow
Welcome the the club.

These are my domains

[https://mythos.one/brianswichkow?q=my_domains](https://mythos.one/brianswichkow?q=my_domains)

------
sideproject
Yesterday I was doing a search and found weblogs.app (remember them?) I
thought - wow, I'll grab it. Then I thought, nah - who uses weblogs? But it's
nice to find domains with easy-to-remember names. I've bought one too many
domains in my life, which I've been moving to my new tool -
[https://newsy.co](https://newsy.co)

