report Stolen domains: Dubaitravel.com, Egypttravel.com, onejob.com,37h.com,4e.net, IBahrain.com, Araby.com

[Osamaadam]

I am writing to formally report the theft and unauthorized transfer of several of my domains from my Dynadot account.

The stolen domains include:
• 4e.net
• Dubaitravel.com
• Egypttravel.com
• Araby.com
• Onejob.com
• 37h.com
• iBahrain.com

Dynadot has already investigated this matter and successfully returned 90 of my stolen domains back to my account. However, the above domains were either fraudulently sold on the Dynadot marketplace (such as Egypttravel.com, Dubaitravel.com, and Onejob.com) other domains transferred out to other registrars, including GoDaddy, Cloudflare, Gname

I have contacted both GoDaddy and Cloudflare, and both confirmed that Dynadot must initiate the IRTP process with the current registrars to restore my stolen domains.

I respectfully request that GoDaddy, Cloudflare, Gname

1. Place an immediate lock on the affected domains to prevent further transfers.

2. Cooperate with Dynadot in the IRTP process to return these domains to my control.

3. Confirm the current status of these domains in your system.

This case is already verified by Dynadot, and the successful return of 90 domains proves my rightful ownership. I kindly ask for your urgent assistance in recovering the remaining high-value domains listed above.

 

[Future Sensors]

@Dynadot @Caleb Tweed

 

[Future Sensors]

@GoDaddy @GNAME.COM

 

[Osamaadam]

Spread this everywhere. Let fraudsters know: you cannot hide, you cannot win.





Together, we protect our community and our assets. Every share counts!

 

[Future Sensors]

Not so fast.

 

[alcy]

stolen how?

most complain dyna suffers from too much security

 

[Future Sensors]

I respectfully request that GoDaddy, Cloudflare, Gname

The other registrars can't just take action on their own. ICANN rules require your registrar of record (Dynadot) to initiate the IRTP process. Without that formal request, GoDaddy, Cloudflare, or Gname are limited in what they can do.

 

[Future Sensors]

Also: as the registrant, you can't request it yourself (and especially not on this forum). Your registrar has to initiate the process, on behalf of you.

 

[Lox]

Not so fast.

... sounds like a lot of people having problems with the Dyna, especially new members. One problem I have is that NP is mis-used ...for ping pong & gong . @Bravo Mod Team

Regards

 

[lambo.com]

I am writing to formally report the theft and unauthorized transfer of several of my domains from my Dynadot account.

The stolen domains include:
• 4e.net
• Dubaitravel.com
• Egypttravel.com
• Araby.com
• Onejob.com
• 37h.com
• iBahrain.com

Dynadot has already investigated this matter and successfully returned 90 of my stolen domains back to my account. However, the above domains were either fraudulently sold on the Dynadot marketplace (such as Egypttravel.com, Dubaitravel.com, and Onejob.com) other domains transferred out to other registrars, including GoDaddy, Cloudflare, Gname

I have contacted both GoDaddy and Cloudflare, and both confirmed that Dynadot must initiate the IRTP process with the current registrars to restore my stolen domains.

I respectfully request that GoDaddy, Cloudflare, Gname

1. Place an immediate lock on the affected domains to prevent further transfers.

2. Cooperate with Dynadot in the IRTP process to return these domains to my control.

3. Confirm the current status of these domains in your system.

This case is already verified by Dynadot, and the successful return of 90 domains proves my rightful ownership. I kindly ask for your urgent assistance in recovering the remaining high-value domains listed above.

what is the extent of your negligence and where do you self assess as having failed (if it all)?

 

[Future Sensors]

Here's the process:

The IRTP "undo" process, formally handled under ICANN's Transfer Dispute Resolution Policy (TDRP), begins when the losing registrar - the one the domain was transferred away from - receives a report from the registrant that the transfer was unauthorized. The registrar first verifies the registrant's identity and checks its own records to confirm that the complainant was indeed the rightful owner before the transfer. It also confirms that the transfer took place within the allowable dispute window, which is generally six months from the date of transfer.

Once ownership and timing are confirmed, the losing registrar gathers all relevant evidence. This can include the Form of Authorization (FOA) records, timestamps of the transfer request, IP logs, WHOIS history before and after the transfer, and any internal account access logs that might indicate a compromise. The registrar also notes whether the domain was locked at the time, as this can be a key factor in proving an unauthorized move.

With the evidence in hand, the losing registrar formally contacts the gaining registrar - the one currently holding the domain - to request a reversal under the IRTP. This request is sent through the registry's designated dispute channel, and in many cases, the registry operator is notified immediately to place a hold on the domain so it cannot be transferred again during the dispute.

The gaining registrar then reviews the evidence provided. They may attempt to contact the current listed registrant for confirmation, but if the documentation clearly shows the transfer violated IRTP rules, they will agree to return the domain. At that point, the registry executes the reversal, moving the domain back to the losing registrar's control. The domain is often placed in a locked status to prevent further unauthorized transfers.

After recovery, the losing registrar works with the registrant to secure their account, typically by resetting passwords, enabling two‑factor authentication, and updating contact details. The registrant confirms that the domain is back in their account, and the registrar closes the case, keeping a record for ICANN compliance purposes. This process is entirely registrar‑driven - the registrant cannot initiate it directly - which is why cooperation from the losing registrar is critical in stolen domain cases.

 

[TheFriday]

After this i'm more afraid because my 90% domains on dyna and might be these members don't have 2FA active.

 

[Osamaadam]

stolen how?

most complain dyna suffers from too much security

what is the extent of your negligence and where do you self assess as having failed (if it all)?

I reported the scammer to Dynadot immediately upon noticing the unauthorized activity, as I fully trusted the security of my account. My email is highly secure with Google, and I have never clicked on any unknown links

But I don't know why they don't care about my reply

 

[Lox]

stolen domain cases.

DD deeper, different angle... It will save you time and give you ... Oh, oh

 

[Future Sensors]

What I find a bit odd about this story is that Dynadot apparently already helped you with the vast majority of your domains. Surely they've already formally notified the other registrars about the other domains, as well? I'm afraid you'll just have to wait. You can't speed up this process, and especially not with a forum post.

 

[Future Sensors]

DD deeper, different angle... It will save you time and give you ... Oh, oh

At this rate, NamePros should have a full‑time team just to invoice for all the hours this circus burns through.

 

[alcy]

I reported the scammer to Dynadot immediately upon noticing the unauthorized activity, as I fully trusted the security of my account. My email is highly secure with Google, and I have never clicked on any unknown links

But I don't know why they don't care about my reply

well I hope u are better at staying secure than answering a question

 

[Brother Bob]

After this i'm more afraid because my 90% domains on dyna and might be these members don't have 2FA active.

Dyna. is very secure!

There’s no proof on this topic. Why be scared? I think it's the same guy with the afternic and dyna. issue by the name "nexusforget".

 

[Osamaadam]

Dyna. is very secure!

There’s no proof on this topic. Why be scared? I think it's the same guy with the afternic and dyna. issue by the name "nexusforget".

 

[Namer.id]

So some of them actually listed for BIN in dyna marketplace?
Wont the proceed actually goes to you acc? Or is it into scammer wallet?