[BEWARE] C-Servers mass-terminates accounts with fake abuse claims and provides ZERO logs

I want to issue a strong warning to anyone using or considering C-Servers. If their upstream provider has an issue, they will not only fail to fix it, but they will completely terminate your account, keep your money, and refuse to provide a single line of log data as proof.

The Situation:
I purchased their Zeta.10 Houston node back in February. I strictly used the VPS for standard, legitimate personal traffic.

In late March/early April, the node suddenly went offline. When I checked my client area, my entire account was suspended. Shortly after, I received an absolutely ridiculous, mass-emailed template from them.

Instead of admitting they had a dispute with their upstream (DartNode) and offering migrations or refunds, they decided to throw a massive list of generic "abuse" accusations at the wall, claiming I was guilty of "one or more" of them, and permanently closed my account.

Here is the exact email they sent:

Subject: C-Servers | Your Role on What Happenned At Zeta.10 Houston
To: [Email Hidden]

Subsequently to a thorough analysis after Zeta.10 Houston became available again, at 16h15 WET, we proceeded with a technical networking analysis between 16h15 WET and 20h15 WET, in order to collect, interpretate and understand what ultimately caused Zeta.10 Houston to be down during this period.

Your service or services were found violating the Terms and Conditions and the Fair Usage Policy - most specifically, by one or more of these reasons:
TCP SYN IPv4 Port Scanning on the vast majority of users and services, in several instances at port 80 and for Chinese IPs, but not only at port 80 nor for Chinese IPs, the highest offender of which managed to register a count of 2990 violations over 23 minutes (!);
Usage of SSH bruteforce attempts, steeming from the VPS service, at selected ports;
UDP flooding (73-114 byte packets were analyzed, most specifically);
NTP amplification scanning (in 1 isolated case);
Proxy harvesting over TCP;
Other unusual traffic also registered over TCP/HTTP;
Entirely and fully bogus registration details, and simultaneously suspicious usage already seen, posing severe additional systemic risk on the sustainability of the service to the existing users;
PayPal disputes, lost or won (and every 7 out of 10 were won by Centerfield Ltd), that effectively have broken the company's trust on the user, as usual and standard on these matters.

It is important to state that we did not penalize, nor report, any users that were using services such as CloudFlare WARP and similar, nor any P2P usage, nor any similar grey-area usage. We did not also interfere or tamper, in any way, with your VPS service, as the pickup of packages was done direct at the corresponding NAT bridge to where all VPS services must communicate first.

We used tcpdump and a professional IDS/IPS service to produce the correspondent results, on a configuration already battle-tested and widely pre-vetted.

The resulting analysis was executed from the very moment the global server restarted, up to each corresponding period. A global serving of nearly 17000 TCP packages and 92000 UDP packages, registered over a period of 23 minutes (for TCP) and 6 minutes (for UDP), were plenty and enough to find the severe violations at hand.

This must be stated

Your action has caused severe harm to hundreds of users, that have been unduly deprived of using their bought service to what they intended to do, for a total period of 12 days.

Moreover, your malicious action has caused potential damages yet to be calculated to Centerfield Ltd, and absolutely calculated to our honorable upstream for this server, DartNode (Snaju Inc), which provides us with a service that has allowed us to provide you, in turn, below-average market pricing.

You abused your position at this Company.

You used a purchased Service to proceed your malicious intentions, with entire and full disregard not only for the sharing users at this server, but also for the entire community. With your action, you've irresponsibly put at risk the lives of those who depend on our services to work on what they need to work, but also the very own Company you purchased your services from.

This must have an action.

DartNode, as the upstream with an IP affected by your malicious usage, naturally wants to have this issue corrected. And we will correct it.

Therefore, with immediate effect, your service and the entirety of your customer relationship with Centerfield Ltd, including other services, is terminated with no possible appeal, refund, or any other compensation by default. Any exceptions to these rules are exceptions to the entire and full discretion of Centerfield Ltd without serving as an example for the matter at hand, and are hereby declared explicitly unusable and unappealable.

No additional detail will be provided for you. This e-mail has already plenty of it.

Centerfield Ltd

Why this is completely unacceptable:

"One or more of these reasons": They literally copy-pasted every type of network attack imaginable and said I did "one or more" of them. If you did a "thorough analysis" and used , where are the logs for my specific IP?tcpdump

Zero Transparency: They explicitly state at the end: "No additional detail will be provided for you." In the hosting industry, if you terminate a client for abuse, you provide the abuse logs with timestamps and target IPs. Terminating accounts without proof is just theft.

Blanket Ban / Cash Grab: It is obvious they had an upstream issue with DartNode that got the whole node suspended. Instead of taking responsibility, they are using this as an excuse to mass-terminate paying customers and keep the remaining balance by citing "abuse."

Stay far away from C-Servers unless you want your account randomly terminated without evidence the next time their upstream pulls the plug.

Best,
tongshuai