Domain teleportation

    It seems like today is not my day. At the end of the working day I get a notification that one of my domains on naunet.ru was forcefully deleted, although I recently paid for its extension. I rush into a chat to support, here's the story:


    16:56 I: good afternoon!
    support: What is your contract number?
    16:57 I: No. *******.
    My domain has just been deleted?
    who did this?
    why?
    support: More specifically.
    me: Good afternoon!
    This letter is generated by the accounting system of the company “Naunet SP” (https://client.naunet.ru).
    Here is the result of processing your request automatically.
    Application successfully completed.
    Your application:

    action: DELETE
    domain: antshop.us
    options: force

    TC response:
    For complete information about registered services
    and spending, you can contact
    client.naunet.ru, specifying the administrator login
    and the corresponding password during authorization .


    I received it an hour ago.
    I did not order domain removal for
    8 minutes.
    17:06 support: The domain was transferred from us by EPP code to another registrar.

    Thus, if you did not do this, you should think about the fact that someone has access to your mail, to which your contract is registered.
    17:07 I: could knowing my password on naunet.ru do this?
    17:08 support: EPP code is obtained in the client.naunet.ru service management system.
    Confirmation comes in the mail.
    me: I didn’t receive a confirmation
    by mail;
    I received a notification about domain removal;
    how can I return it?
    17:09 support: Get access to it.
    17:11 I: I did not have confirmation of receipt of the EPP-code in the mail
    how to access the domain?
    support: Since the domain is not registered through us, we can not give you an answer to this question.
    17:12 I: how is it?
    I’ve transferred this
    support domain to management on the Internet : This domain is no longer registered through us, because someone on your behalf has performed operations in the system that remove it from our control.
    17:13 I: what should I do to secure other domains?
    support: Obviously, take care of changing passwords.
    17:14 Moreover, this should be done with uninfected Trojans.
    5 minutes.
    17:20 I: is there a log in the blow?
    how can I see who came in, what ip and what did?
    I don’t believe that someone could break my password, and even more so, take possession of the mailbox.
    Why was only one removed from the entire list of domains?
    support: According to your paper statement written in our office, we may provide this.
    me: and fax?
    I'm in another country
    17:21 support: A paper letter notarized and sent by mail will suit us.
    Fax not.
    I: understand
    I have a margin of time? Is there some kind of temporary buffer to return the domain?
    17:22 support: Colleagues report that domain actions were not done through our panel, but through the Directi panel.
    Thus, we do not have logs.
    17:23 The domain is not already registered through us, so we can not help you with anything related to the specified domain.
    You can try contacting Directi through support.resellerclub.com.
    17:24 I: understand. thank you very much, now I will call them.
    please tell me how is this possible? if you don’t have access to the naunet, then how can I pick up a domain through another registrar?
    17:25 support: Apparently, someone got access.
    How this happened - we cannot know.
    Maybe through the mail.
    me: access to where?
    support: Maybe through correspondence with their support.
    17:26 Access to the Directi panel where your domain was registered.
    20 minutes.
    17:46 I: but who gives out this EPP code?
    Gave a code?
    support: As you already reported, our panel did not participate.
    17:47 I: so should I write to directi.com or resellerclub.com?
    17:48 support: Since the domain was registered through us, you can use support.resellerclub.com

    I have already unsubscribed to support resellerclub, I'm waiting for their answer. Checked for viruses - clean. The mail was open all day and I received a notification about each new letter. Although, if the transfer of the domain did not go through naunet.ru, mail has nothing to do with it.

    Please tell me how to proceed next? Indeed, if without any passwords, the domain can go nowhere, it becomes scary to live. Can / should / should naunet.ru provide assistance in this case, are they responsible for the safety of domains located in their panel?

    PS: Unsubscribed on a hub here the maximum concentration of IT-literate people. I really hope for help with advice in this situation.


    UPD: Today (05.10.09), after lunch, I found in my admin panel a nounet, the “escaped” domain. Definitely, an error occurred in Direct, which they wrote to me several times during these days, while they were solving this problem.
    After returning the domain, the tech support didn’t write anything (thanks, at least they returned the domain to its place).

    Also popular now: