NameSilo

Nameservers Changed Issues on Sav.com

Spaceship Spaceship
Watch

xmarthost

XMart HostEstablished Member
Impact
22
My nameservers for all domains have been changed to ns1.all-harmless.domains and ns2.all-harmless.domains, and I am unable to change the DNS again. What could be the issue?

Also, a friend of mine is facing the same problem with over 600 domains. What's going on with sav.com?
 
3
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
What the heck are you on about? I am Dutch with a HK, US, and DUTCH company and it wasn't just people from India.

Stop defending the obvious, let's go.
Any help we can get from you? Really trying to get my 255 domains back.
 
1
•••
What the heck are you on about? I am Dutch with a HK, US, and DUTCH company and it wasn't just people from India.

Stop defending the obvious, let's go.
im not defending anything. Just remember there are mad rush(ians)es and calmly thinking thru things as well.
 
0
•••
im not defending anything. Just remember there are mad rush(ians)es and calmly thinking thru things as well.

Like giving EPIK chance after chance just to get fucked over again? No thanks, mate, simply do not touch my property, might want to re-read the entire thing.

Plenty of time for them to announce an "attack of any sort" happened.
 
2
•••
"These domains appear to have been recently registered for the purpose of abuse."

That looks like a doing of some government agency, who are often eager to block anything that is parked or contains any politics/government related keywords. They got more active with the recent EU law changes and will get even more active in October when NIS2 comes into full force. Registrars are going to have different approach to that matter but there's only so much they can do. It seems sav decided not to question anything and just block whatever it's told to block (plus a lot of collateral damage, probably).
 
Last edited:
1
•••
FWIW, member @Seventy indeed has a Dutch Chamber of Commerce registration under #92186068.
 
5
•••
Like giving EPIK chance after chance just to get fucked over again? No thanks, mate, simply do not touch my property, might want to re-read the entire thing.

Plenty of time for them to announce an "attack of any sort" happened.
absolutely, im not arguing with you, you just have an emotion going on at the same time. This and Epik arent the same thing though, epik effected the whole company and customer base. This is localized to hongkong, pakistan, and india. Think! Why? What is it that these three places have in common and what is going on in the world rite now for this to happen?
 
0
•••
"These domains appear to have been recently registered for the purpose of abuse."

That looks like a doing of some government agency, who are often eager to block anything that is parked or contains any politics/government related domains. They got more active with the recent EU law changes and will get even more active in October when NIS2 comes into full force. Registrars will have different approach to that matter but there's only so much they can do. It seems sav decided not to question anything and just block whatever it's told to block (plus a lot of collateral damage, probably).
governments hire hackers all the time to push their agendas for them.
 
0
•••
absolutely, im not arguing with you, you just have an emotion going on at the same time. This and Epik arent the same thing though, epik effected the whole company and customer base. This is localized to hongkong, pakistan, and india. Think! Why? What is it that these three places have in common and what is going on in the world rite now for this to happen?

You tell me since you know so much about it.

"recently registered domain names like the ones I held for several years?"

Stop the cap man, I am neither emotional, and even if I were it would be understandable I am pretty firm on where I stand with this, simple. Did you never hear how straightforward Dutch people can be? It's in our nature.

Maybe when you decide to take your property serious you might understand, it's little to no difference from taking your home away.
 
Last edited:
4
•••
My theory is Sav.com is partly to blame for sleeping or missing something, but not the main culprit.
 
0
•••
i noticed they have an abuse center where anyone can write in to them and report someone else just like big brother program. Only paranoia of fascist states follow thru on these kinds of things that dont have backing of some kind of importance, like government officials and warrants. Even if its all fake by hackers, the report couldve looked official and important.
 
0
•••
The final update is that Sav.com has re-enabled my 93 domains. There was an abuse report on one domain, which belonged to a client and was hacked. Because of that, the entire account was locked. Anyway, a big thank you to the Sav.com team for understanding the issue and reactivating my domains.
 
9
•••
The final update is that Sav.com has re-enabled my 93 domains. There was an abuse report on one domain, which belonged to a client and was hacked. Because of that, the entire account was locked. Anyway, a big thank you to the Sav.com team for understanding the issue and reactivating my domains.

How did you managed to get them to reply. They are not replying to me. They have closed my account.
 
1
•••
.
 
Last edited:
0
•••
I just got this email from Sav.com

It took a public LinkedIn post and talks with a layer to get re-enabled with again zero reason given.

Already paid all the fees for the transfer, THIS IS EVEN MORE WILD.

Abuse, you name it.

Here you go...

Sav.com, LLC
2229 South Michigan Ave, Suite 303, Chicago, IL 60616
+1 (888) 580-8790 (Law Enforcement Only) | sav.com | [email protected]

Dear Registrant,

Sav.com thanks you for being a customer and choosing us for your domain name needs.

We have re-enabled your account.


Yours sincerely,

Sav.com Safety

## OFFENDING DOMAINS

* betwisdom[.]com

* welcome[.]agency

* 247beverages[.]com

* genesis[.]ventures

* trendyour[.]com

* feedingtruth[.]com

* findingadventures[.]com

* zonic[.]io

* domainname[.]forsale

* visitgalaxy[.]com

* ocean[.]ventures

* devilserver[.]com

* blogexpert[.]net

* freedomandhappiness[.]com

* enjoyandlearn[.]com

* collegeofhiphop[.]com

* apexknife[.]com

* nomadthings[.]com

* independentdragon[.]com

* cloaker[.]co

* portableseats[.]com

* redhorizon[.]io

* cloudemail[.]co

* xca[.]io

* kxz[.]io

* techtron[.]io

* blognft[.]com

* advi[.]io

* littlemoon[.]co

* sleeptonight[.]com

* balinese[.]net

* bestsellers[.]co

* sms[.]team

* cancelmyflight[.]com

* book[.]company

* word[.]farm

* omelette[.]io

* outcasts[.]co

* authors[.]io

* happymoon[.]co

* moongroup[.]co

* clickr[.]co

* cobra[.]company

* rhino[.]group

* hold[.]company

* taco[.]world

* haze[.]group

* piya[.]net

* timelessmoon[.]com

* travelmoon[.]co

* stevz[.]com

* moonsource[.]com

* spacemoon[.]io

* voo[.]me

* chill[.]media

* healthworldwide[.]org

* last[.]group

* glamgirlscosmetics[.]com

* yoghurt[.]io

* fresh[.]blue

* expresso[.]bar

* well[.]bio

* superhero[.]world

* fab[.]company

* company[.]bio

* exit[.]media

* cape[.]media

* influencemakeup[.]com

* makeupresearchprogram[.]com

* 801[.]org


## EXPLANATION OF ABUSE AND EVIDENCE

These domains appear to have been recently registered for the purpose of abuse.


[REF# 66a184b18ef2916adf04c861]

Clicking on links contained in this email may lead to malicious code (including but not limited to viruses, trojans, key loggers, and worms) that could infect and/or damage your computer and/or network. Please exercise extreme caution when clicking on such links. If you have any doubts about any such links or attachments, please contact your system administrator or network supervisor before clicking on any of those links. Sav.com, LLC assumes no responsibility for any damage that occurs arising out of such actions.

All these domains are in process of being removed, what a shame I truly loved Sav and their auctions had some great deals, some of the best around.

Never again.

My initial concern was what if somebody wanted to buy your domain but was pissed it was priced high, and since they couldn't afford it they reported your domain for abuse instead. (Maybe hoping that will force the domain to be cancelled and available for registration)... Almost as if somebody started trolling SH and reporting all names...


... But other people reporting similar lock downs, with domains not on SH, seems to disprove that theory.

Not sure how active, but there is a representative @Sav.com account on NamePros so tagging them for information and hopefully comment (see @Nick R was tagged previously).

Very concerning if it turns out to be case of false abuse reports and Sav responded to them.

Must be very stressful for those impacted.

-Bob

Yeah, this issue is very concerning. It's got me questioning the security of using Sav going forward.

Possibly even more concerning is if Sav discontinues their nP presence.

They seem active on Twitter (but I don't think this issue is being discussed on Twitter?)

https://x.com/usesav/with_replies

https://x.com/usesavHelp/with_replies
 
Last edited:
6
•••
My initial concern was what if somebody wanted to buy your domain but was pissed it was priced high, and since they couldn't afford it they reported your domain for abuse instead. (Maybe hoping that will force the domain to be cancelled and available for registration)... Almost as if somebody started trolling SH and reporting all names...
When a registrar suspends domains due to abuse reports, they typically disable the domains, causing them to stop resolving until they expire. So, they most likely end up in auction or drop-catch. This can be used to sabotage a business rather than to steal domains.
 
12
•••
Happened to me too, and they re-enabled my account.


Dear Registrant,

Sav.com thanks you for being a customer and choosing us for your domain name needs.

We have re-enabled your account.

Yours sincerely,

Sav.com Safety

Maybe it was an error from their side. But all Name servers now changed to
ns1.all-harmless.domains
ns2.all-harmless.domains
 
1
•••
Happened to me too, and they re-enabled my account.


Dear Registrant,

Sav.com thanks you for being a customer and choosing us for your domain name needs.

We have re-enabled your account.

Yours sincerely,

Sav.com Safety

Maybe it was an error from their side. But all Name servers now changed to
ns1.all-harmless.domains
ns2.all-harmless.domains


How did you managed to get it fixed?
 
1
•••
Just send them an email and explain that you had no intentions and your account is not for phishing
i think it was a platform mistake or a bug.
no idea
 
1
•••
Response from Sav:

The official Sav Help X account responded to my X post linking to this thread with:

"Our team is aware of the issue and is currently working on it. The domains should be active again in a few hours."
 
13
•••
The final update is that Sav.com has re-enabled my 93 domains. There was an abuse report on one domain, which belonged to a client and was hacked. Because of that, the entire account was locked. Anyway, a big thank you to the Sav.com team for understanding the issue and reactivating my domains.

Suspending an entire account with 93 domains because one got an abuse report isn’t a reasonable response in my opinion.

Registrants should have a right to see the abuse reports that registrars and registries use to justify domain suspensions. It’s ridiculous that consumers don’t even get an opportunity to defend themselves and it’s a problem in many industries where an account ban has massive collateral damage.

Do you have multiple clients in the same account? I wouldn’t do that. When I deal with small businesses, I set up a dedicated account for each customer.
 
7
•••
Response from Sav:

The official Sav Help X account responded to my X post linking to this thread with:

"Our team is aware of the issue and is currently working on it. The domains should be active again in a few hours."
Thanks for helping fellow members.

So this sentence by Sav turned out to be nonsense:

[Sav] "Please note that this decision is final and will not be reversed."
 
Last edited:
5
•••
SAV is a US based company, which gives those affected quite a bit of legal recourse. I would suggest that those affected to contact the Illinois attorney general and also band together and hire legal counsel.
 
3
•••
People thanking SAV is like getting your auto stolen and it's given back.

The conversation I had with their staff was pretty clear, it was a back-and-forth clearly showing their true intention, but with some social pressure your domains are being returned.

There is indeed so much legal ground to stand on as the above member said, oh well.

Nothing of this sounds good, removed my LinkedIn post as I moved my domains by now with no costs covered on their end, never again.
 
Last edited:
6
•••
Should we move from sav after this?
 
1
•••
How is possible without your permission domain is like our assets.
 
1
•••
  • The sidebar remains visible by scrolling at a speed relative to the page’s height.
Back