Between 2014 and 2016, a number of people reported visiting a website – the URL differed in every account, always a string of random characters followed by .net – that greeted them by their full legal name.
Not a username. Not an email. Their name as it appeared on their birth certificate, in some cases including middle names they had never used publicly and, in at least three documented instances, a maiden name the person had not used since childhood.
The site contained nothing else. Just the name, centered on a white page, in plain black text. Below it, a single line: we have been expecting you.
The URLs never resolved twice. Screenshots exist but the pages don’t cache. Web archive crawlers found the domains registered to shell companies that dissolved before the registrations could be traced.
The prevailing explanation is an elaborate phishing operation with unusually good data. This explanation satisfies almost everyone.
It does not explain the three people whose names appeared on the site before those names were legally finalized – two pending adoptions and one name change still in process at the time of the visit.
