It was probably due to the domain registry realizing they sold a "premium" domain as an ordinary one. Here's Porkbun's explainer: https://kb.porkbun.com/article/191-registry-deletion-of-doma...

This happened to me. Bought a domain for $10, and it was taken back a week later due to being a mistaken premium domain.

Thanks. Helpful.

Not the same scenario but recently GoDaddy conveniently "forgot" to extract auto-payment for the only domain I still had with them (somewhat exotic .es TLD) and also forgot to warn me about it, letting the domain registration lapse.

I noticed it via the automatic monitoring once the domain stopped resolving and escalated it, at which point GoDaddy graciously offered me to reinstate the domain for $55 lapsed registration fee. After a brief (10 sec) consideration I've made a counteroffer by telling GoDaddy to go fuck themselves and registering a "normal" .com domain with my default registrar. I am very lucky it was a tiny hobby website with no critical audience. Thank you for the lesson, GoDaddy!

I was surprised to learn last week that GoDaddy waits until the renewal date to renew. I'm used to other registrars renewing 30 days in advance, so you have time to fix any billing issues before the fees to get it back after it expires.

Do others renew or "renew"?

Holding the money in between doesn't buy any additional security with ICANN, does it?

Are you in Spain? Does GoDaddy have a Spanish office?

You may be able to file a complaint with ICANN, see

https://www.icann.org/compliance/complaint

Don't expect anything to happen. However, if enough people have the same complaint Godaddy might have their hand informally slapped.

Alternatively, if you have the documentation you say, you could sue them (they are a US-based company after all).

Yeah for the hundreds of millions of dollars they take, and supposedly don't take profit from, it's hard to understand how ICANN performs such a poor job of regulating registrars.

There are many domain registrars out there, and most are better than GoDaddy. Try buying the domain from Google Domains or Namecheap, though it sounds like GoDaddy “bought” it and is trying to get you to pay $2000 for it, so you probably can’t get the domain from another registrar. Malicious or not, this is par for the course for GoDaddy.

Sadly Google domains has been sold off to SquareSpace so depending on your thoughts about then you may want to consider elsewhere.

Cloudflare sells domains at bulk price

By "sells domains at bulk price" do you mean they sell them to you, the customer, at the wholesale price they buy them from the registry?

Yes

> Cloudflare Registrar will only ever charge you what we pay to the registry for your domain. No markup and no surprise fees.

https://www.cloudflare.com/products/registrar/

Note that you have to use their name servers. Or at least that’s what I read somewhere on HN.

Custom/Vanity nameservers are currently business/enterprise accounts only AFAIK.

What utter rubbish. Cloudflare hosts 4chan, phishing sites, pirate streams, fake government ID producers, malware delivery, and scammers. If that bar is still too high then whatever content our hypothetical wanker is seeking to host is either very harmful, very illegal, or both.

I have proof, it's not 'rubbish' but truth thank you. (see other comments replied with links and read them)

your statement of "Cloudflare hosts 4chan..."

I did a whois and it says 4chan DNS is CONSTELLIX - I'm pretty sure that's not cloudflare, but I admit I could be wrong on that (I do not know all of CF's nameservers) - (also they publicly booted 8chan, (maybe you did not know this) so similar others I would assume also lost thier ddos protect from CF)

If you have proof they protect the other kinds of sites you mention then it would not surprise me to see them all pulled from CF, they are not the free speech champion they were 7 years ago.

most of what you stated seems to run afoul of their stated "We may block or remove any content we determine":

Infringes on intellectual property rights;

Contains, installs, or disseminates any active malware, or uses our platform for exploit delivery (such as part of a command and control system);

Is otherwise illegal, harmful, or violates the rights of others, including content that discloses sensitive personal information, incites or exploits violence against people or animals, or seeks to defraud the public.

( https://www.cloudflare.com/trust-hub/abuse-approach/ )

Perhaps you are thinking of the old cloudflare pre-2017

Do you have any additional information on the first claim you made? I transferred my domain from google domains to cloudflare and this sounds quite concerning to me.

They did a 180 in 2019 - DDG search 'Terminating Service for 8Chan' and 'Blocking Kiwifarms'

That's not a 180, but a business decision when going live on stock exchange.

Still doing that would be somewhat controversial and would be a liability for the stock ( + give a wrong impression for normal investors = not in IT)

"but a business decision when going live on stock exchange." - I agree - and ain't nothin' wrong with that - be a sell out, and get that paper, lots of it!

But it IS a 180 - at least for those of us who watched the early days of cloudlfare, and how they really championed the whole free speech / we are dumb pipe / we don't block things.. way of pushing back on people and org's who demanded they block and censor things..

a lot of people gave massive goodwill to the brand, and were unaware of the changes (see the other comments here where many here were still under the impression they provided services to these and other sorts of things)

I agree it could be a liability for the stock - sure - so let's just be honest about what they are now - a semi-censor machine, not too different from godaddy - who also became a slave to wall st and those who use it to push agendas - godaddy is no longer the company that Bob (and many other OGs) created, and Cloudflare is no longer the thing it was.

Supporting either of these places today is supporting the censoring of the web by a few, and with consolidated power at this point as well.

If you own stock in it, then I'm sure you'd like it that way - and I don't blame you if you are on that side of the glass.

I am not really sure how long you think a US company ( or any) can ignore block requests.

Even the most obscure ones are playing wackamole with edge cases in certain countries.

Ps. Yes, I own stock in it. It's not about "I like it that way", it's just that i don't see it as possible in combo with being a big company.

"how long you think a US company ( or any) can ignore block requests." - Funny thing is I posted about this issue with cloudflare many moons ago when there quite a few articles boohooing CF - many from euro / uk - protect the children type things.

At the time I suggested that Cf should get ahead of the issue by splitting up the company and the infrastructure - so they could have a CF_UK and a CF_US and CF_Whatever - bifurcating the services as each country and area starts crafting more and more demands.

Big companies often do manage to do business in many parts of the world and have different ways of managing business in one place different than the next.

It's strange how highly controversial web sites can exist with ICAAN not prohibiting domain names, and sites can usually find hosting somewhere - but as soon as you get to DDoS protection, and domain re-registration different places start throwing up morals and panics, refusing services.

Cloudflare got a lot of people using it, and big money investing it by offering to protect the pipes of the net.. they did good for a long time protecting information by staying a neutral pipe.

As I saw the NGO demands that CF grow louder, I assumed legislation would force thier hand to either start blocking when X or Y place asked - not just when DOJ had a court order - and that feild would get murky, meaning they'd have to bifurcate to handle different cultures in different ways eventually..

But it was not courts, it was not new laws. It was the emotions of a single guy that turned big pipes into blockable canals - it was one guy that decided time and time again to start to judge words / pics / information and block things. On a whim, in a knee jerk fashion, without warning - and now no one could know if they are safe when seeking the safety of the open web.

It's a fuzzy needle - what's okay changes on occasion with no fanfare, not committee, no rails. It's their own trivial changes, I assume are controlled by the fbook or twitter feed that CEO gets pushed in his emotes.

So CF is now fair game for all the cancel culture to push around - get the 'right' demanding X thing be blocked - get the left to demand Y thing get blocked - let's enjoy this fun game. Our censor wars got to the point where mural of Washington had to painted over and kids books are banned.

Cf can protect all the PG-13 content of the net from DDoS and be a multi-million dollar company! I guess it could be, there are those who want to remove sesame from the airwaves - it might need protecting.

It can be a big company following all the rules of each country in the world and the extra rules that run the emotions of the main guy and the demands whatever groups that think whatever X should be blocked.

You're wrong, they are doing what a registrar does

https://www.cloudflare.com/en-gb/products/registrar/

I read the page you linked, I see nothing that says they allow registration of domains or won't remove a domain they kicked off their other services.

The page does highlight abuse reporting - from there is a link to a page with a neat graphic that shows some of their services they feel are in a grey area of responsibility (https://www.cloudflare.com/trust-hub/abuse-approach/ ) and hand wavy infrastructure is important blah blah..

but then you get to the next section and it lists a to of stuff they block without a court order (and a couple they block with) -

Now does that page relate to the other services and not their domain registration is that what you are implying?

CF is still the biggest free speech champion compared to other cloud providers. They still provide some contents that some people and content holder want to taken down.

Not sure this claim can be made unless we are getting picky about defining cloud providers or how you mean 'biggest'.

They can not be the 'best free speech champion' if they block multiple speech platforms and started to work with gov agencies on how to craft rules to force more blocking, imho.

every provider hosts some form of something that 'some people and content holder want to taken down.' - some more than others - that has nothing to do with the fact that cloudlflare promoted themselves as free speech champions / we are a dumb pipe - into we block and are making it easier to block things.

Source on first point?

their own public posting: https://blog.cloudflare.com/terminating-service-for-8chan/ for starters.

see also https://blog.cloudflare.com/kiwifarms-blocked/ - read all the lines.

Porkbun ride or die.

Namecheap sent me NFT bullshit in a newsletter, I'd use porkbun or cloudflare if you use cloudflare.

There's effectively no recourse. You can complain to IANA; Their pile of Godaddy complaints stacks to the ceiling so they can't add more.

About nine months ago one of my clients bought a domain at "auction" run by Godaddy. Their auction terms included a 1 year renewal. Godaddy didn't renew the domain when he received it; Wouldn't have been a big deal but they also didn't allow renewal for a week afterwards "while the transfer took place". He set up automatic renewal and forgot about it.

Then, three months later, the domain came up for renewal. Godaddy failed to process the transaction once, failed to send him a notification e-mail, failed to send a second notification e-mail (The customer support rep confirmed that the e-mail notifications had failed in writing) and he lost the domain. It was promptly scooped up... By Godaddy. He had to buy it from them (rather, their shell company, "dan.com") again, for the same asking price.

It was a shitshow and there's an important lesson here: Never ever ever use godaddy. It's worth your time and money to switch immediately.

Thanks, good to know

Not related to domains...

By my own experience I know they don't have even basic business ethics.

Several years ago, a quite a large transaction appeared in my credit card bill. Upon checking I found GoDaddy charged for a hosting service I never asked for. Upon calling their support, they were not surprised or asked any question, they just rollbacked the transaction. I'm saying again, no sales person or anyone reached out to me before using my credit card to process the order I never asked for.

I have a few domains and a shared hosting service with them. Their price increases are not justifiable. I'm in the process of packing my stuff.

I had something similar happen a billion years ago.

I used to have this email address cheney@ice.org and a domain registered through Network Solutions using that email address. This was around the time that Verisign purchased Network Solutions. At some point the email mutated to cheney@icq.org whether by my error or theirs. At that time ICQ was the premier instant messaging tool because there was no other such thing. Around this point in time ICQ was sold to AOL including all intellectual property. The domain name for ICQ was actually icq.com, but AOL owned all similar domains for trademark reasons.

I could not get my domain free from VeriSign where it went into limbo at time of renewal and I could not get any help from AOL. The problem is that there was an account recovery tool for domain registrations, but it was based entirely upon email associated with a registration and I could not receive any mail at the icq.org domain. I was able to actually reach the person who managed online IP for AOL (as they had contact information in a whois for one of their domains) and still could not get help to resolve this issue out of fear weakening a trademark.

After 9 months of frustration I suggested some nonsense in the #gentoo IRC channel of Open Projects (later Freenode) that contained about 1100 highly active participants. I mentioned that Fort Hood just installed a tremendously huge internet pipeline, huge for that time, and they weren't using that bandwidth just yet. If an insider knew what they were doing they could easily use that bandwidth to DOS Network Solutions and take down a massive chunk of the internet. It was likely easier than it sounds because there was one of the fattest pipes around, with almost no security or monitoring, so you just needed some level of command and control and inside access. Before their purchase by VeriSign, Network Solutions was a government contractor managing most of the DNS registrations, so they still held many of the older DNS registration records. That's how my domain became associated with VeriSign.

The next day a sales rep from VeriSign called me on my landline at my college dorm offering to help resolve my email account issue.

Over the years, I've noticed GoDaddy has a disproportionately large number of unsatisfied customers compared to other domain registrars.

godaddy are active enemies of the free and open internet. avoid at all costs, using them is voting for a corporate internet.

Sue. If everything you say is true, it sounds like a good case of fraud.

Meanwhile, deal with a different registrar. I moved most of my stuff off GoDaddy years ago.

I wonder if there’s a domain-name equivalent of Lis Pendens [0] that would prevent the sale of the domain.

[0] https://en.wikipedia.org/wiki/Lis_pendens

Thanks, a bit lost as to what to do as this was a very important domain for me. Both on a professional and emotional level. Do you think I'd still be able to sue despite the fine print?

You'll need to ask a lawyer.

I don't know because I haven't read their fine print recently. Like I said, I moved my domains years ago.

But just because they say something in the fine print doesn't mean it will stand up in court.

Good old contracts of adhesion.

Avoid Godaddy at all cost.

You should check the ‘whois’ information for the domain for the date it was registered. Here is a website to do this: https://www.whois.com/whois/

It can happen that an already registered domain will be apparently available but in reality something the website is querying fails to provide the correct information.

This has happened to me in the past, but checking ‘whois’ revealed the domain had already been registered and was active for a while.

I was going to ask who you bought the domain through, but I assume GoDaddy.

If not, that's who you need to complain to.

GoDaddy has been known for shady practices for some time now. They are NOT the only registrar out there. People really need to ignore their ads and shop around.

Do not use Godaddy

https://science.time.com/2011/04/04/godaddy-ceo-on-shooting-...

Write an army of bots to check millions of domain names on godaddy. ¯\_(ツ)_/¯

There are enough GoDaddy horror stories online for people to stay 6 feet away from them. Quite fascinating its still a thriving business...

Namecheap did this to me in January. It's infuriating.

somehow hearing this about namecheap is even more infuriating. godaddy has a reputation that makes this no surprise, but i get a lot of conflicting feedback about namecheap. i heard good things and bad things about them. in the recent discussions on HN namecheap came off mostly positive, and then suddenly there is your story, confirming what i heard about namecheap earlier. now i don't know what to think about them.

Who would use GoDaddy on purpose? Do you also plan to host your app on Oracle's cloud? Horrible.

Use Porkbun next time.

You're right, godaddy is hostile. Never should have used in the first place.

Lawrence Joseph Ellison.

^-- this

May I ask what TLD this was?