What are some risks of purchasing a "used" domain name

Question

If you purchase an existing domain name that was already used by someone else what are the ways in which the domain could have been broken by the previous owner? Are such problems common and are there tools to detect them before purchasing a domain?

Two examples: An HTTP server serving the domain could have returned permanent redirect making a domain unusable for visitors that received the redirect until they clear browsers caches.

Similarly, a server could have returned HTTP "Strict-Transport-Security" header making a domain unusable over HTTP for visitors that received the header.

Any other examples?

You might want to rephrase the question to make it very clear what you're asking. — MCW, Dec 07 '12 at 11:45

LLub · Accepted Answer · 2012-12-07T22:07:55.157

32

Some common risks to check:

Domain has Bad reputation - check for any existing negative online reviews for the domain.

Domain is Blocked in search results - Risk of search engine turning off the domain in its search results due to the previous content, malware etc.

Domain is Black listed - Domain on black lists such as Web of Trust and spam lists.

Sometimes the Way Back Machine can show you the domain history.

EDIT:

IP / Trademark infringement - the domain you purchased may infringe registered trademarks: consult your legal advisor before purchasing

edited Dec 07 '12 at 22:07

answered Dec 07 '12 at 11:22

LLub

1,246
10
21

Additionally, watch for stuff like email domain blacklists (rfc-ignorant and such). – Tom Marthenal Dec 13 '12 at 11:27

score 15 · Answer 2 · answered Dec 11 '12 at 22:52

15

In addition to the ones mentioned already, the previous owner may have a SSL certificate that may still be valid. That would be a major issue especially for sites dealing with commerce.

answered Dec 11 '12 at 22:52

Tech163

293
2
8

[Related question](http://security.stackexchange.com/q/17548/12139). – unor Mar 27 '14 at 13:50

score 4 · Answer 3 · answered Dec 08 '12 at 11:02

I've figured out one more nasty trick: A long-term cached documents returned by the previous domain owner could be potentially used to steal cookies set by the new owner.

Say, GET http://webstore.com/ returns an HTML document with cache expiration long in a future, and following content:

JavaScript that reads all cookies and sends them to evil.com
iframe that loads http://webstore.com/index.html, so the page looks exactly like a normal index.html.

Now, when someone purchases webstore.com, all cookies set by the new owner can be intercepted by the previous owner (of course only for visitors that visited webstore.com when it belonged to the previous owner).

@MarioAwad Not really. But it does depend on the user having visited the domain before you bought it, so its a fairly limited attack. — derobert, Dec 11 '12 at 18:46

What are some risks of purchasing a "used" domain name

3 Answers3

Linked