Ha. So here it goes I guess, I’ve been working on this pretty consistently for too long now (backend mainly).<p>Inspiration for the project was based off one I made over half a decade ago. And I gratefully got recognized on HN for it! I saw (my) username that posted it, tried a few of my go-to password ’s, and boom, I still got it :)<p>Here was the thread for a trip down memory lane <a href="https://web.archive.org/web/20160322215116/https://news.ycombinator.com/item?id=9025800" rel="nofollow">https://web.archive.org/web/20160322215116/https://news.ycom...</a><p>And the new one is called DecentDrops.com - Would have totally used DomainInferno again but looks like some squatter had it, hey that’s what I get for neglecting I guess. Still not sure why.. Updated daily. Sorry I’m bad about rambling and don’t want to do a (bigger) wall of text but if you’ve got questions shoot em!
As recently expired names, you should be aware that they may suffer an array of detriments.<p>Notably:<p>"Pinned" security properties like recursive HSTS may apply until they expire. Even if <i>you</i> have only ever operated <a href="http://clown-photos.example.com/" rel="nofollow">http://clown-photos.example.com/</a> and never <a href="https://clown-photos.example.com/" rel="nofollow">https://clown-photos.example.com/</a> the previous owner of example.com could have set policy saying all names are HTTPS-only.<p>Certificates issued in the Web PKI as much as three years ago for names in these domains may still exist and be valid. In principle some of them might even not be in CT logs. As new owner you are entitled to have those certificates revoked, but to do that you first need to know they exist.<p>Adverse user permissions decisions apply indefinitely. If the previous owner spewed notifications, or had unsolicited video content the resulting adverse decisions by users survive the change of ownership. (The other side of this applies too, if you buy a popular cat video sharing site, you're going to inherit lots of "allow autoplay" type permissions) but that's something you'd probably explicitly plan for rather than being a surprise.<p>White and black lists maintained by third parties may impact you. Whether that's a DNS blacklist that means some PiHoles block your whole site because the previous owner was an advertising network, or a spam blacklist that ensures your newsletter is never seen by its subscribers, that could be a real problem. Some list maintainers are very responsive, others not so much.<p>Speaking of lists, the domain could be on the PSL. Again you can ask to be removed (or indeed added if your planned use would mean the domain should be on the PSL and isn't). But if you don't realise the domain is PSL listed, you'll be astonished that it's impossible to get a Let's Encrypt certificate for *.example.com, or that cookies and frames and other origin-restricted stuff doesn't work as you expect.
You know, someone needs to make an Iron Chef styled reality TV show where teams of web developers are each handed a random recently-expired domain name and challenged to make a viable service that fits that domain.
If anyone's wondering why the results started looking a tad more strange (and higher rate of unavailable domains on the list), it's because todays list was just processed over the course of the past. ~20min. Have some jobs spread out a little to be nice to the server and inconsistencies.<p>For the next who knows maybe hour or so, from this minute actually, you'll probably notice a few more than average domains one the list are already taken. Don't worry i've got my best robot people on it
This is neat.
After browsing for several pages, I'm yet to find something that is a decent name.<p>In a similar space, I really like <a href="https://park.io" rel="nofollow">https://park.io</a>
I remember seeing a hacker talk about picking these domains up and setting up an MX record to collect emails meant for the past registrar. .. Including 2FA and passwords resets if I recall correctly..
Thanks for this, found a diamond in the rough.<p>Good on you for restricting people from sending "4" or less for the character count; I'd probably hide that too and use that for my own needs in your position, though it only raises the barrier from opportunistic searchers to people with a mild amount of curl/grep knowledge.
a) Really awesomely cool!<p>b) Kinda sad to read all those names and think that someone once thought, 'hey, this could be my baby.' Sure, I imagine a bunch of them were just hoovered up by domain squatters, but at least a few of them are failed sites, right? … right?
Really impressive, and de-motivating for me! :) I was working on something similar as a side project. The only information that was not easy to get, because it was not delivered with every DNS request, is the "expiration date". How did you manage to get it? Or even more interestingly: Are you willing to give some insights, how you realised it?
Anyone have recommendations for a nice and easy, "no BS" site for selling a domain? Or even some "we'll (try to) sell it for you and take a commission" type of place?<p>I've got <i>one</i> domain that I think I could actually sell for a decent price, but I just really don't wanna deal with it...
Nice site! Just from a UX perspective, I’d advise against a modal dialog within a second of landing on the page. Consider a dismissible header for the introduction instead.
I have sem.fyi available and several other nice 2-3 letter .fyi domains at <a href="https://rad.fyi" rel="nofollow">https://rad.fyi</a>