Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
Godlike VPS
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Shells Virtual Desktop

Categories

In this Discussion

Home Providers
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

C-Servers VPS Suspended Without Notice – Beware Before Buying

tongshuaitongshuai Member
in Providers

Title: ⚠️ Warning: C-Servers / Centerfield Ltd – Zeta.10 Houston VPS Suspended, Refunds Only After KYC

Content:
I want to share a serious issue with C-Servers (Centerfield Ltd) regarding their Zeta.10 Houston VPS service.

Timeline & Issue:

March 17–25: The server suffered multiple DDoS attacks.
Shortly after, the upstream provider DartNode suspended the VPS, claiming port scanning and malicious activity. No technical logs or evidence were provided.
After repeated requests, DartNode only gave a minimal 21-word response. Customers were left in the dark.

Key Facts:

The VPS is permanently suspended. You cannot continue using it, even if you complete KYC.
Refunds are conditional on KYC. A third-party company handles the process. Without completing KYC, no refund will be issued.
No public KYC portal exists. You must wait for a dedicated email from C-Servers.
Non-compliance risks: If you ignore or fail KYC, all other C-Servers services may be terminated.

Takeaway:

High dependency on third-party providers means service can be terminated without clear evidence.
Refunds are conditional and delayed.
Exercise caution if you consider using C-Servers. Document everything and protect your funds.

Tags: #VPS #HostingWarning #CServers #RefundRisk #KYC

Thanked by 5Starnberg Carlin0 forest WyvernCo thiefyzheng
«1345678

Comments

  • tongshuaitongshuai Member 
    Dear user,

We hope this e-mail finds you well.

With this e-mail, we are providing a final update on what will happen at the Houston, Texas location with the Zeta.10 server you are in.

First, remembering the original context

A plethora of DDoS attacks occurred to the server in Houston, Texas, between March 17/18th and March 24/25th at least, and such a server had some punctual networking issues over IPv4, which, due to DDoS, were not the direct responsibility of C-Servers. 

The upstream for this server, DartNode, has offered C-Servers the possibility of having DDoS protection in this regard, which we did accept.

However, the exact same provider also suspended the server shortly after, and continues suspended at present, citing alleged IP scanning, malicious scripting and alleged denial of service issues on the particular server - but, contrary to what other providers do (for example Hetzner), hasn't allowed us both a time window to take a look at the issue and fix it; nor has provided us with any technical log or evidence of the corresponding allegation, which would help in this regard. 

For more details, please report yourself to the previous e-mail we've sent on March 29th. 

And now, for the news

After insisting several times over the following days, but most especially six times on March 31st through various channels, including one overseas call to the United States, DartNode has finally answered our request. 
As usual on these matters, and since that wasn't provided to us, we had requested a technical log on the shown abnormal activity, so we could curb the bad traffic at hand.

The response provided from DartNode after insisting six times came without any technical log and was the following (that's a direct quote):

Hello,
We have 67 different reports of port scanning from the IPv4 (149.112.84.49).
The responsibility of 149.112.84.49 is solely up to you. 
Thank you

Nothing else. No technical proof of evidence nor details. No detail over IPv6 (which had been questioned as well). Not one simple allowance on solving the issue with who has the service.
Just a mention at a number of reports for port scanning, which is 67, in this case, but could be 5 or 300 - or the provider not saying the truth at all. On the number, or... on the mere existence of them. No one would ever know.
However, the number is still quite high, and will not be ignored by Centerfield Ltd on the resolution of this issue, as you'll see below.

Centerfield Ltd's position on the matter

Centerfield Ltd considers that such a posture from Snaju Inc, trading as DartNode is not only unnecessarily radical - it was handled in an incorrect way. For us, and most especially for you, as a customer.

From a third-party provider we expect cooperation when these matters arise, reasonability on the taken actions. We expect a technical log with what has gone wrong, like Hetzner and other hosting providers do. We expect a swift answer, direct reasons with the seen proof of evidence, so we can act upon the issue and fix it accordingly, as fast and as soon as possible. But most especially - we expect not to insist 10+ (ten plus) times, over close to a week, just to get a 21-word response that could have been an SMS text. That's unacceptable. We gave more technical details to suspended/cancelled VPS services than Snaju has given to a bare-metal customer.

Considering the present posture from DartNode, we consider Snaju Inc. has soft-exited from the present contract, by suspending the services without ever terminating them directly. As such, Centerfield Ltd did the same, rendering to a close the present business relationship, and blacklisted Snaju Inc as a third-party for present or future cooperation, as well as their agents.

We sincerely apologize for the possible frustration reading this text may be causing you - but it's the truth. 

Moving forward

Centerfield Ltd hereby applies, for the first time, the 1.4, 2.1 and 2.2 articles from the Terms and Conditions which you've explicitly agreed to upon your purchase, available at: https://web.c-servers.co.uk/terms-and-conditions-tcs.html. This means that, while temporarily still presenting itself as active, any service you have at Zeta.10 Houston is terminated, on the reason of:

» Massificated Customer-Held Illegal Activity Reported By Third-Party Ending Third-Party Services - Sole Third-Party Action

This means that the action is not directly attributed to Centerfield Ltd, but to the upstream, which unilaterally ceased to provide networking and access to Centerfield Ltd. Therefore, since this was entirely customer-generated, the Provider excludes any responsibility on the matter.

We know that nevertheless you still had a contract with us, and we know we've written on March 29th that we would provide you with a refund to account credit. We do intend to honor that - however, there is still a relevant risk: from the collected report, there were abusers subscribing to the service, and there's a very high risk these would enter our own system at other servers. Which is unacceptable. And this demands appropriate actions to be taken.

Everyone Does KYC

In 24/48h after this e-mail was sent and the userbase e-mail list for Zeta.10 Houston is collected, and prior to any refund to account credit being processed, we will send to every customer that was at Zeta.10 Houston a special one-off e-mail with a KYC request, which will be absolutely mandatory even if you have other services with C-Servers. KYC will be held by a reputed company in partnership with C-Servers for this matter, so you are not submitting any data to us, but to that company, which we'll disclose soon.

This is essential in order to filter the good from the bad, as potential abusers will obviously either refuse to comply with KYC or attempt to game the system. It's a question of trust. Causing a server to end is no small deal.

Failure to pass KYC: will render all services you have at C-Servers terminated without any possible refund anywhere - not only Zeta.10 Houston servers but the other servers as well, due to natural propagation risk - and KYC compliance failure on part of the customer will be explicitly mentioned on any potential disputes or chargeback attempts as a direct reason for termination, which is a common reasons banks reject chargebacks for. 

We will not request any extra data nor details - we'll solely govern our Company with the pre-existing data provided by the Customer. Only the original data present at the original issued invoice and original account details will be considered for this purpose, so any changes at the Client Area will have no effect. It's the customer's responsibility to have it correctly provided.

If KYC is successful: no services nor accounts are terminated and, as promised, a refund will be held to the account credit, even for customers that have paid with crypto. C-Servers doesn't exclude crypto customers just because they've paid with crypto. All refunds to account credit will be processed on maximum 7 days after KYC has been passed.

On both circumstances: manual analysis will always exist as a second layer to exclude false positives that may arise from this procedure, and if we think there is reasonable information to trust a customer, we'll go ahead and bypass the KYC automatic mechanism. KYC results are automatic, handling will always be manual, and we'll be fair and neutral on our analysis. All will be analyzed, one by one. Therefore, don't panic if for some reason your KYC has failed but you've submitted correct details - we'll still get to you.

We sincerely apologize for the inconvenience and we ensure we'll do our utmost to handle this new process as quickly and efficiently as possible for you.

Thank you for choosing C-Servers. Especially if you are among the affected customers that have provided correct details and didn't actually abuse the system, we deeply apologize for the added downtime and KYC requirements, but these are absolutely necessary, for sustainability reasons.

Best regards,
C-Servers by Centerfield Ltd
    Thanked by 1Starnberg
  • nekomikoreimunekomikoreimu Member

    Tags: #i #love #fumos

    Thanked by 2Murv forest
  • barbarosbarbaros Member

    Takeaway:

    High dependency on third-party providers means service can be terminated without clear evidence.

    Then don't rely on fucking third party providers?

    Hello,
    We have 67 different reports of port scanning from the IPv4 (149.112.84.49).
    The responsibility of 149.112.84.49 is solely up to you.
    Thank you

    And also don't do port scanning

    Thanked by 3host_c dsbnoob MannDude
  • yoshikiyoshiki Member

    tldr:

    • Houston server (Zeta.10) server permanently terminated because the upstream (DartNode) suspended it for 67 cases of alleged "port scanning" abuse with no logs.
    • C-Server severs relationship with DartNode
    • Refunds will be made in 7 days, but only if you pass an automated KYC on an unnamed verification provider (or a manual one if the former fails)
    • No KYC = Full account suspension with no refunds. Gaslights user to just accept it and to not chargeback since "they'll probably win" (???)
    Thanked by 2Starnberg WyvernCo
  • zedzed Member

    I don't understand why kyc for refund, is that just a blatant attempt to steal money from people that paid them?

    Thanked by 19lovelyserver rpqu Xrmaddness Warkos tentor tof ServerBachelor VM6 zGato reikuzan Void forest Decicus Gary taizi WyvernCo Rocco beanman109 Rubben
  • sanderowsanderow Member

    How dare he! :#

  • AlteredParadoxAlteredParadox Member

    I must be still not getting emails. Heh

    Thanked by 1Starnberg
  • davidedavide Member
    edited April 2

    How does one even submit a ticket to C-Servers.

    There is no ticketing system but a chat bot called Williams that cannot escalate to a human.

    Thanked by 2suyadi92 Rocco
  • maxxxxxmaxxxxx Member
    edited April 2

    What does "We have 67 different reports of port scanning from the IPv4" even suppose to mean?

    Those reports can be fake. IP address can be spoofed and the port scan might not be even originating from the mentioned server. Even if the port scan is originating from the mentioned server it can be due to an exploit that is the fault of the server provider and not the customer.

    Before doing a KYC rampage on the userbase DartNode should check the validity of the reports, check that the IP address is not spoofed. And if necessary determine the root cause of the issue. If this is just a fake report or a spoofed IP address the customer should not even be bothered with this at all.

  • XrmaddnessXrmaddness Member

    @alfatarsos

  • suyadi92suyadi92 Member
    edited April 2

    @davide said:
    How does one even submit a ticket to C-Servers.

    There is no ticketing system but a chat bot called Williams that cannot escalate to a human.

    Probably this one

    Thanked by 1davide
  • rpqurpqu Member

    https://www.abuseipdb.com/check/149.112.84.49
    Doesn't look good

    Thanked by 4tof yoursunny titus xvps
  • XrmaddnessXrmaddness Member

    While this isn't a great look for C-Servers, this is also incredibly concerning for @DartNode. Why won't they let their customer look into and address the problem?

    Thanked by 1forest
  • lichadelichade Member


    looks like 67 is the limit for abuse reports. ill be sure to stop at 66 next time

    Thanked by 5oloke rpqu barbaros forest beanman109
  • CheepCluckCheepCluck Member

    Ive seen hosts get ddosed because they were doing sketchy shit in the past, as rpqu said;

    @rpqu said:
    https://www.abuseipdb.com/check/149.112.84.49
    Doesn't look good

    Perhaps this is it.
    Maybe OP running some script and compromised their host into being a malicious actor without their knowing. What's Chatgippity think?

  • yoursunnyyoursunny Member, IPv6 Advocate

    @rpqu said:
    https://www.abuseipdb.com/check/149.112.84.49
    Doesn't look good

    So the technical log is there after all.

    @zed said:
    I don't understand why kyc for refund, is that just a blatant attempt to steal money from people that paid them?

    No KYC needed for chargeback.

  • mit_cloudmit_cloud Member

    I purchased a 3-year plan from them just three weeks ago on the same node. I have not received any emails from them, nor have I received any system-generated reply to my email. However, their network status page indicates that everything is currently fine.
    https://web.c-servers.co.uk/network-status.html

    Thanked by 1Starnberg
  • StarnbergStarnberg Member
    edited April 2

    I received neither the e-mail that was supposedly sent on March 29, nor the one quoted earlier in this thread - just like I did not get the notification regarding an upcoming migration earlier this year.

    Has anyone received the KYC request yet? As I did not get one so far at least, it is likely I will not be able to do the KYC. Which means apparently that not only will I not get a refund for Houston VPS, but if I understand correctly, they will also terminate my other VPSes.

    I raised a ticket about the whole issue, mentioning that I did not get any e-mails, but it's "in progress", whatever that means...

    What a load of ... Was about to get a couple more with them, glad I did not yet...

  • yoursunnyyoursunny Member, IPv6 Advocate

    @mit_cloud said:
    their network status page indicates that everything is currently fine.
    https://web.c-servers.co.uk/network-status.html

    "All existing services are operating correctly."

    The Dallas node no longer exists, so that it is excluded from this statement.

    Thanked by 4Obelous Starnberg tux forest
  • davidedavide Member
    edited April 2

    @Starnberg said:
    I raised a ticket

    Did you have to buy the $0.79 package of 3 tickets?
    If you "opened a ticket" thru the bot as I did, the bot lied to you, it has no ability to open a ticket or do anything at all in fact. It just keeps you company.

  • XrmaddnessXrmaddness Member

    Oh boy...

    Dear C-Servers user,

    We hope this e-mail finds you well.

    Following an evaluation on the present inflationary market conditions, and the extraction of the necessary statistics for the 2025 commercial year, three tendencies became apparent:

    • the vast majority of opened tickets, around 75%, were not from customers with higher RAM plans (1GB and above) nor higher pricing (~13/14 USD and above), but steemed from customers below these amounts;
    • from those, approximately 80% of the global reasons for opening a ticket were topics that were either not the regular scope of support, or comprised normal service variations on a public network and shared conditions.
    • 40% of the customers with sub-1GB plans never opened a ticket, on our old or on our new platform.

    While we do understand opening a ticket is important for you, the submission of those tickets does create additional expenses for the Company, which are most especially relevant in a context where other expense increases are occurring and, of course, where investments need to be made to continue our expansion.

    And on the present context, many providers have already increased their pricing significantly to reflect exactly this, with increases that have many times assumed double-digit percentages on the VPS and Cloud industries.

    Our commitment always has been to keep costs low and things optimized, so we can give you the best possible price. Therefore, we had two possible paths:

    • increasing significantly renewal pricing for our existing customers, and entry pricing for our newer customers;
    • or attempt to keep things at the same price or with a minor increase for both parties, but adjust support costs.

    We are following the second path. For existing and new customers.

    Support adjustments from 02-04-2026

    Starting from this day and for existing and new customers, all continuously paid applicable packages or service plans that are priced below 12 USD per year, and/or are equal/below 896MB RAM, per plan, will only be able to use on these plans the following support mechanisms for free:

    This means that, with immediate effect, free human support will cease for these plans, in all circumstances (including global outages or networking issues). Autonomous action on your end will be required for these, either by simply waiting for things to get back to normal; monitorization of the C-Servers Uptime and C-Servers Network Status websites; or simple service cancellation.

    These customers will still have the 99.95% Uptime Warranty and will still be treated on everything else with the same priority as any other customer. But starting from today, 12USD is the minimum for human support to exist.

    There are three exceptions for this rule

    Of course, several paths exist if you really wish to have human customer support on our services:

    • you must have with C-Servers, on the same user account, plans and/or services that are worth, in total, 36 USD or more per year. For example, if you have 1 NanoVPS-384 at 6.99 USD per year, but then have 2 other services at 16 USD per year each, you will still have human support access for all services (16 + 16 + 6.99 = 38.99 USD, which is higher than 36 USD).
    • you can always upgrade to normal plans of our regular offer of 12 USD or more per year, when possible or available;
    • alternatively, you can purchase the revamped addon for a pack of 3 Specialized Support tickets, at 6.79 USD, which is available here: https://web.c-servers.co.uk/category/extra-support-services

    This will be a net-zero purchase, meaning we are not profiting in any way with your purchase - that price tag you paid will go to a human assistant, so you're also contributing for someone to have a job on developing countries.

    Practical consequences of this adjustment

    By doing this change, not only will we be able to adjust our support to more adequate necessities, we'll also be able to increase our support efficiency by having more agents available and faster responses, meaning that when you actually open a ticket, it will be faster for you to get answers. One thing will also continue at C-Servers: we don't outsource our support, and never will.

    Moreover, by doing this adjustment, we'll be able to substantially reduce or even actually avoid an increase at all to your original price. We're still working on it, but we can state that, by doing this change, any possible increases will at least stay below double-digits. Which on the present context, let's be honest - it does mean quite a lot.

    Thank you for choosing C-Servers.

    Best Regards,
    Tiago Severino
    Director and Systems Administrator
    Centerfield Ltd

  • ObelousObelous Member
    edited April 2

    @Xrmaddness said: increase our support efficiency by having more agents available and faster responses

    Because nobody is opening tickets anymore?

    @Xrmaddness said: free human support will cease for these plans, in all circumstances (including global outages or networking issues)

    Even billing issues? lol

    This sounds like a wonderful provider.

  • zedzed Member

    I put this guy on my "lol, never" list just from seeing his interactions with people here on LET.

    Thanked by 2mans_xd forest
  • ArirangArirang Member

    @zed said:
    I put this guy on my "lol, never" list just from seeing his interactions with people here on LET.

    I also did, after seeing the kind of comments the owner has been leaving.

  • lukgthlukgth Member

    Failure to pass KYC: will render all services you have at C-Servers terminated without any possible refund anywhere - not only Zeta.10 Houston servers but the other servers as well, due to natural propagation risk - and KYC compliance failure on part of the customer will be explicitly mentioned on any potential disputes or chargeback attempts as a direct reason for termination, which is a common reasons banks reject chargebacks for.

    lol what is this bullshit, gtfo

    Thanked by 1forest
  • FubukiboxFubukibox Member

    chatgpt ahh post

  • buzzyLETbuzzyLET Member

    @lukgth said:

    Failure to pass KYC: will render all services you have at C-Servers terminated without any possible refund anywhere - not only Zeta.10 Houston servers but the other servers as well, due to natural propagation risk - and KYC compliance failure on part of the customer will be explicitly mentioned on any potential disputes or chargeback attempts as a direct reason for termination, which is a common reasons banks reject chargebacks for.

    lol what is this bullshit, gtfo

    geez first xhosts now this? what is up with the UK providers

  • alfatarsosalfatarsos Member, Host Rep

    As much as we'd like to actually merely proceed with refunds without any verification, as it has always been the rule at C-Servers so far, on this particular instance that is unfortunately not possible. I'll explain why below.

    Mentioning to us that there were 67 reports for port scanning, as much as I'd like to ignore it, can't really be ignored and poses a serious systemic risk to customers at the other servers. Abusers or attackers could simply do as they allegedly did at that server elsewhere and the risk simply can't be taken. Imagine being affected in Falkenstein because an abuser purchased servers with any provided refund at the company again. Can't happen.

    I seriously doubt about that number, always did, but since that was the reported number to us, it has to go like this. Unfortunately, DartNode did not provide C-Servers with any technical log nor details associated with this issue, nor gave us headroom to see and fix the issue - I had zero IPMI access to the server from the moment it was suspended, and it took multiple attempts and multiple days insisting to merely get a four line answer from DartNode.

    I don't take that well. No one does.

    At Hetzner, whenever these issues occur, who has the server is provided with a certain timeframe - ranging from 4 to 36 hours, depending on the number of cases on the calendar year - and within that period of time I, or any user, can take a look at any issues, fix them restricting or suspending any abuse, and things go on. That's a reasonable policy. That's why many providers use Hetzner. That was also the general rule of thumb I expected to happen here - reasonability. I was wrong.

    By not having access to the server when attacks or abuses like these occur, and most especially not providing any technical evidence on the matter, theoretically anyone can be suspended or terminated at DartNode if they do so choose, for any reason, and no one can assess whether it's true or false. I'm as well also unable to check any logs for who possibly had caused these issues at the server, in order to filter the abusers from the normal users, and proceed accordingly, since server access was cut.

    It's an incorrect procedure in my point of view, through and through. Excessive.

    That's why it has to go like this, with KYC. I have to protect the present customers. I can assure this was the only service with DartNode, and other dedicated servers of the Zeta or Delta series are not with them.

    I'm sincerely sorry for all of this, I can assure this is deeply frustrating for you as it is for me. It's deeply frustrating to have to insist 10+ times over several areas and multiple days to get a short answer. I wanted to get this fixed in ~24h and couldn't over 6 days. Not to mention the loss of customers there.

    If DartNode is willing to reconsider on their final posture, and work together with me to fix the issues at hand, I'll be happy to do it and get users a restored service as soon as possible - and everyone gets 2x the number of days the service was down, as a compensation for the lack of service.

    I'm absolutely not happy to have users down or suspended for 6 days, nor having to do these things. If I can avoid it, I absolutely will.

    That shall be my statement on the matter.

    Thanked by 1rpqu
  • yoshikiyoshiki Member
    edited April 3

    @alfatarsos

    • Can you provide us with the name of the KYC company you'll be using?
    • Is this company compliant with data protection laws in the country C-servers' is registered on?
    • Can you assure that unaffected users will not be hit with random KYC requirements and that this will not set a precedent for future users?
    • Could you confirm how KYC for refunds will protect present customers if, as of right now, your only proof for port scanning is one (1) email? What if it ends up being a false flag?
    Thanked by 1ServerBachelor
  • alfatarsosalfatarsos Member, Host Rep

    @yoshiki said:
    @alfatarsos

    • Can you provide us with the name of the KYC company you'll be using?
    • Is this company compliant with data protection laws in the country C-servers' is registered on?
    • Can you assure that unaffected users will not be hit with random KYC requirements and that this will not set a precedent for future users?
    • Could you confirm how KYC for refunds will protect present customers if as of right your only proof for port scanning is one (1) email? What if it ends up being a false flag?

    Hey. Answering your questions:

    • The KYC company used will be Didit, which has been already used by other providers before. We're using no additional data and we're sticking with the existing data for the compliance.
    • Didit is EU GDPR, UK GDPR and ISO 27001 compliant as well as iBeta-L1 certified for biometric compliance.
    • I can extract directly from the billing system database the list of users associated with the server and their corresponding plans (which were three). Therefore yes, unaffected users will absolutely not be hit with random KYC requirements. This also absolutely doesn't set a precedent for future users. Before this issue, the number of KYC requests to single users we did over the span of 18 months (May 2024 - February 2026) was of 2 in 2024 and if I recall correctly 6 in 2025, always manual.
    • KYC for refunds will allow to protect the present customers because the abusers will tend to not want to complete KYC on this instance, as they will naturally get exposed, whereas the regular customer that simply wishes to continue to have usable amounts and purchase services that they need will complete it. I'll also do manual analysis on KYC requests on top of that, and prior to doing anything else with them.

    Just for added transparency, this verification will cover ~15.3% of the existing userbase.

Sign In or Register to comment.