"Anonymous" is not the same as "private", and neither is the same as "no-KYC". Anonymity is operational — you cannot be identified as the operator from the available data. Privacy is contractual — the provider commits not to share what they know. No-KYC is a specific subset of anonymity at the signup layer. All three matter; most hosting marketing conflates them. This page separates them, and walks the four layers of VPS anonymity that actually determine your exposure.
Anonymity does not live in one place; it lives in four. Two are the provider's job, two are yours. Cryptoservers handles the first two structurally; the second two require operational discipline that no provider can do for you.
The information collected when you create the relationship: email, name, address, phone, ID document, billing details. Cryptoservers asks for a single field — a working email — and never validates name, address or phone because they are not collected. The signup form is two dropdowns and an email box. Nothing is enriched against third-party databases. This is the no-KYC layer; it is necessary but not sufficient for anonymity.
Every payment leaves a trace somewhere. A card creates a chargeable record at your issuing bank. A bank wire creates a SWIFT log. Bitcoin creates a public UTXO graph. Monero creates an opaque commitment with no source visible. Cryptoservers accepts seven cryptocurrencies; XMR is the only one with protocol-level privacy at the payment layer. BTC, LTC, ETH, BCH, DOGE, DASH are pseudonymous — strong if you use fresh wallets, weak if you withdraw directly from a KYC exchange. We never accept fiat, so card-network surveillance is structurally absent.
Every SSH session and panel login leaves a trace at your end. If you SSH from a residential IP that your home ISP can attribute to you, the network-layer anonymity is gone regardless of what the VPS knows. Cryptoservers does not block Tor or VPN traffic on the deploy form, the panel or the VPS itself; the operational discipline of routing through Tor (Tor-only or Tor → VPN → SSH) is yours to maintain. We do log panel session IPs for 24 hours for brute-force protection — short retention, deliberately limited scope.
The text of support tickets, the contents of abuse reports filed against you, the workload running on the VPS, the public IP your services bind to, and any leaks the workload itself produces (banner strings, login fingerprints, SSL certificates, EXIF data, analytics cookies). Tickets and abuse correspondence are subject to our 90-day retention; the workload's leaks are out of our hands. This is the layer most users underestimate, and the one a determined adversary will go after first.
流经 Cryptoservers VPS 每类数据的平铺表格及我们的处理方式。无营销内容:仅三列——我们看到的、我们记录的、我们共享的。
| 层次 | 我们看到的 | 我们记录的 | 我们共享的 |
|---|---|---|---|
| 注册邮箱 | 您提交的地址 | 存储于客户记录 | 仅在有效本地法院命令下 |
| 真实姓名 / 身份证 / 手机号 | 无——从未收集 | 无——从未收集 | 无法共享从未拥有的数据 |
| 支付 | 链上交易 ID、收款地址、金额 | 账单行 + 交易 ID,7 年(公司法) | 仅在有效本地法院命令下 |
| 控制面板会话 IP | 登录来源 IP | 24 小时(防暴力破解) | 仅在有效本地法院命令下 |
| 控制面板操作 | 开通 / 重启 / 重建 / 快照 | 90 天(滥用/安全) | 仅在有效本地法院命令下 |
| 到您 VPS 的 SSH 连接 | 无——在虚拟机内部终止 | 无——不在主机上 | Cannot share what we don't see |
| 客户网卡流量 | 仅按端口字节计数 | 无网络流量记录,无数据包捕获 | 无数据可共享 |
| 支持工单 | 您发送给我们的内容 | 2 年(服务连续性) | 仅在有效本地法院命令下 |
The provider can clean up layers 1 and 2; you have to clean up 3 and 4. Below: the discipline that makes the difference between "anonymous on paper" and "anonymous in practice".
网络使用规范:
钱包使用规范:
邮箱使用规范:
工作负载使用规范:
The honest section. Anonymous VPS is a useful tool with a defined threat model. Below: the threats it does not address. If any of these match your adversary, layer the VPS with the additional defences mentioned.
全球被动对手。 A global passive adversary (GPA) — typically a signals-intelligence agency with broad network observation capability — can correlate Tor entry and exit timing, deanonymise long-lived flows by traffic-pattern analysis, and link your VPS public IP back through the Tor circuit to your residential ISP under sufficient observation density. Anonymous VPS does nothing to defeat a GPA. Defending against a GPA requires a different toolkit (Tails, mixnets, intermittent connectivity, OPSEC discipline far beyond hosting choice).
通过工作负载本身的旁信道。 If the public service running on your anonymous VPS leaks your identity through a login fingerprint, a unique writing style, an embedded analytics tag you forgot to remove, or a single tweet that mentions the IP — anonymity collapses regardless of how clean the VPS purchase was. This is the most common failure mode we see in post-mortem write-ups; the workload is the weakest link.
如果直接 SSH 连接,则有 ISP 级元数据。 Your home ISP records that you connected to the VPS public IP at this timestamp, this volume, this protocol. Even without packet capture, NetFlow-grade metadata is sufficient to link "VPS A made noise" with "subscriber X was online and connected to A at the same moment". The fix is not to SSH from a home connection: route through Tor or through a VPN you bought separately.
取证磁盘镜像。 A VPS lives on physical hardware in a rack. If the underlying disk is imaged through a court order or hypervisor introspection, anything you stored unencrypted is recoverable. Encrypt sensitive data at rest <em>inside the guest</em> with keys held by you (LUKS, dm-crypt with passphrase prompt at boot, file-level encryption like age or gocryptfs). The anonymity of the VPS purchase does not protect what is on the disk.
被强制披露邮件内容。 Your signup email, even on Proton or Tutanota, lives at a provider with its own jurisdiction and its own court-order obligations. If that provider is compelled to hand over inbox contents, they would include your Cryptoservers deploy emails (containing the VPS IP). PGP-encrypt mail-at-rest where possible; consider self-hosted mail behind Tor for the highest-paranoia profiles.
Eight questions buyers and journalists ask us most about the anonymity properties of a Cryptoservers VPS.
