Summary
- Valex Cloud LLC has credible evidence of current operation under the Elysia Cloud name: a live retail catalogue, a public status page, ARIN registration for AS36744 and the 23.134.124.0/24 allocation, and RIPEstat visibility for one IPv4 prefix and one IPv6 prefix originated by AS36744.
- The operating surface is small. RIPEstat shows AS36744 announced 23.134.124.0/24 and 2602:f76f::/44 on 2026-07-12, while AS19468, also registered to the same public identity, was not announced; PeeringDB lists no exchange or facility records for the network.
- Valex's own documents make the supplier boundary explicit: its subprocessor list names Cosmic Global for data-center, compute, storage and network infrastructure, and names Cloudflare Magic Transit plus Cosmic Guard Enterprise for DDoS mitigation.
- The most important customer risk is not whether the brand exists. It is whether a given workload can survive a Los Angeles or Dallas facility event, an upstream or mitigation change, a depleted hardware shelf, a billing or control-plane outage, or a migration deadline.
- The evidence grade is Medium for a small live hosted-capacity provider, but not Strong because public sources do not prove tested multi-site failover, spare hardware depth, independent facility carrier paths, restore performance, or customer-portability outcomes.
A small cloud provider with a visible edge
Valex Cloud LLC is visible to customers mainly through the Elysia Cloud brand. The first-party home page describes the offer as hosting for websites, virtual dedicated servers and game servers, with NVMe storage, DDoS protection and support; the about page frames the company as a performance-first hosting provider that started from game-server demand and grew into broader cloud and VDS services. The company also operates a separate billing portal at billing.elysiacloud.com and a public status site at status.valexcloud.com. That is already more public surface than many thin directory cards: prospective customers can see product shelves, order buttons, policy documents, a client login, network identifiers and service monitors.
The question is what that public surface proves. It proves that Valex is selling hosted capacity. It does not, by itself, prove how much capacity is installed, how much of it is spare, how many racks are under direct control, whether a customer can be restored into another building, or whether a route outage would be isolated to one product shelf or spread across the estate. For a small provider, those distinctions matter more than the slogans. A VDS plan is not merely a line item in a cart.
It is a slice of CPU, RAM, storage, packet handling, power, cooling and support attention, all of which can become constrained at the same time during a failure.
The network record supports current activity. ARIN lists AS36744 as ELYSIA, with the Elysia Cloud organization in Chino Hills, California, and standard NOC hours published as 7:00 AM to 9:00 PM Pacific time. ARIN also lists AS19468 as ELYSIA-2 for the same organization. The distinction between the two matters because public route collectors do not show them in the same state. RIPEstat's AS36744 overview reported the ASN announced on 2026-07-12, while the AS19468 overview reported the older or secondary ASN not announced at the same query time. BGP Hurricane Electric's AS19468 page adds a useful historical warning by marking the ASN not visible in the global routing table since July 15, 2025.
For customers, this means the live internet edge should be read through AS36744, not through every Valex-associated ASN that appears in registry history. RIPEstat's announced-prefixes view for AS36744 showed two visible resources over the checked window: 23.134.124.0/24 and 2602:f76f::/44. The ARIN record for 23.134.124.0/24 names ELYSIA-NET-1 and Elysia Cloud. RIPEstat's IPv4 prefix overview and IPv6 prefix overview both identify AS36744 as the current origin. That gives the company a real, public, current routing footprint, but a compact one.
Compact is not automatically bad. A /24 and an IPv6 aggregate can be exactly the right size for a young provider that is using upstream mitigation and data-center partners instead of building a national backbone. It does, however, limit what can be inferred from routing alone. A single IPv4 /24 means only 256 IPv4 addresses before NAT, private addressing, shared hosting and additional upstream-supplied space are considered.
A single visible IPv6 aggregate says the provider can publish IPv6 reachability, but not how broadly customers receive native IPv6 by default, how IPv6 is filtered in mitigation, or whether every product tier has equivalent support. This is why the public route table should be treated as evidence of an edge, not as proof of deep capacity.
The product catalogue separates retail promise from available inventory
The Elysia catalogue is broad for a small provider. Its VDS product page advertises dedicated vCPU resources, full administrative access, NVMe storage, DDoS protection, 10 Gbps networking and a 99.99% uptime SLA. The billing storefront then breaks this into product families. The standard cloud VDS shelf offered AMD EPYC tiers from 1 vCPU and 2 GB RAM up to 16 vCPUs and 32 GB RAM, with storage rising from 20 GB to 320 GB. The high-speed VDS shelf used Ryzen 7 and Ryzen 9 language, but the checked page showed every listed package with "0 Available." The extreme VDS shelf advertised Ryzen 9950X capacity and order buttons across a similar package ladder.
That mix is the best public clue about installed versus usable capacity. The website can say a provider has high-speed compute; the cart can still show no units available for a given shelf. The exact inventory count may change quickly, and a public storefront may not expose all internal reservation pools, but a visible "0 Available" on every high-speed VDS tier is a signal that capacity is constrained or deliberately gated. Customers looking for urgent replacement capacity should not treat the product page as a reservation.
They should check orderability, ask whether the target node type exists in more than one facility, and confirm whether a failed host can be replaced with the same CPU class or only with a different tier.
The web-hosting shelf points to a different pattern. The first-party web-hosting page emphasizes cPanel-style hosting with NVMe storage, SSL and backups. The billing web-hosting store listed plans with 10 GB, 25 GB, 50 GB and 100 GB NVMe allocations and order buttons. That is a more conventional shared-hosting capacity model: many smaller customers depend less on a single dedicated host and more on nameservers, the hosting control panel, shared storage, mail reputation, backup jobs and staff responsiveness. A failure in web hosting can therefore be operationally different from a VDS failure. It may not strand one high-memory VM; it may strand many smaller sites behind DNS, cPanel, SSL renewal and shared mail handling.
Game hosting adds a third demand shape. Elysia's game pages advertise Minecraft, Terraria and Hytale hosting, while the billing shelves split budget game servers, standard game servers and premium game servers. The checked standard-game shelf showed only one listed tier with one available unit, while several other tiers showed zero available. Game-server demand is bursty and latency sensitive. A node that is acceptable for a small community at idle can become unacceptable during evening peaks, modpack updates, DDoS attacks against public communities, or tournament-like events. If Valex is using the same physical pools for game servers and VDS products, inventory pressure in one shelf can tell customers something about the whole rack, even if the billing portal treats product lines separately.
This is the key economic point: a low-cost hosted-capacity provider sells a promise that is easier to order than to recover. The advertised package is static. The recoverable package depends on spare RAM, spare NVMe capacity, spare IP addresses, available mitigation throughput, working automation, staff response time and the ability to move a customer without violating the customer's own licensing or data-residency constraints. Valex publishes enough to be taken seriously as an operator, but not enough for a customer to assume that every product has an equivalent replacement path.
Physical location is disclosed, but rack independence is not proven
Valex's own Security & Trust material is unusually specific about facility geography. The public Security & Trust page identifies a primary facility in Los Angeles, California, described as provider-owned, and a secondary facility in Dallas, Texas, described as colocation with Cosmic Global, Inc. It characterizes both as Tier III facilities. The subprocessor list separately names Cosmic Global, Inc. for data-center hosting, compute, storage and network infrastructure in the United States. Those disclosures are valuable because they turn "cloud" into a map: at least part of the customer risk lives in Southern California and part lives in North Texas.
The disclosures also create the central uncertainty. A provider-owned Los Angeles facility can mean anything from a substantial independently powered site to a small room or controlled cage in a broader facility arrangement, depending on how the term is used in context. A Dallas colocation dependency is clearer: Cosmic Global is an external operator or infrastructure provider for at least some compute, storage and network infrastructure.
Public sources reviewed here do not show rack counts, cabinet power densities, generator runtime, cooling topology, cross-connect inventories, storage-cluster layout, live utilization, spare-node inventory or tested failover exercises between Los Angeles and Dallas. They also do not show whether customer services are automatically placed across both locations or whether one location is used for selected products, backups, mitigation, overflow or future expansion.
PeeringDB reinforces that caution. The PeeringDB record for AS36744 identifies Valex Cloud LLC, also known as Elysia Cloud, as a global-scope network with IPv6 enabled and 5-10 Gbps traffic, but it lists zero exchange records and zero facility records. PeeringDB is user-maintained and incomplete, so the absence of facility entries does not prove a lack of facilities. It does mean customers cannot use PeeringDB to verify where AS36744 interconnects, where it keeps routers, or whether it has independent points of presence. When a provider's own whitepaper says there are facilities and PeeringDB provides no external facility corroboration, the prudent reading is: location claims are plausible and company-published, but rack-level independence remains unverified.
That matters during a facility event. If the Los Angeles site loses power, cooling, access or upstream handoff, customers need to know whether their VDS can boot in Dallas, whether storage is replicated, whether IP addresses can be reannounced from the other site, whether DNS and control-plane services remain reachable, and whether support staff have remote-hands coverage. The same question runs in reverse for Dallas. A secondary site is not automatically a failover site. It may be a backup location, an overflow location, a different product pool, or a contractual facility that hosts only part of the estate.
The customer's risk turns on the actual placement of that customer's volume, image, DNS zone, IP address and backup.
The company's terms make this point more explicit than a marketing page would. Its SLA and terms describe uptime credits, exclusions, maintenance, third-party service boundaries and customer responsibilities, but they do not convert a general uptime target into a disaster-recovery guarantee. The public terms also place backup and disaster-recovery planning heavily on the customer. That is not unusual in hosting. It is, however, a direct warning against treating the provider's two-location statement as a substitute for customer-side replication and tested restoration.
The transit path depends on Cloudflare, Cosmic and at least one commodity cloud-adjacent neighbor
Routing data gives the clearest view of Valex's public network dependencies. RIPEstat's AS neighbors view reported three left-side neighbors for AS36744 at the checked time: AS13335, AS20473 and AS30456. RIPEstat identifies AS13335 as Cloudflare, AS20473 as The Constant Company, better known through Vultr's network, and AS30456 as Cosmic Global Networks. CAIDA's AS36744 view similarly marks the network as seen, with two providers and a very small cone. That is an upstream-dependent edge, not a dense peering fabric.
The first-party subprocessor list fits the route table. It names Cloudflare Magic Transit and Cosmic Guard Enterprise for DDoS mitigation, and it lists Cosmic Global and Cloudflare as upstream transit providers. The billing storefront repeats that Cloudflare Magic Transit and Cosmic Guard Enterprise power anti-DDoS protection on several product shelves. In practical terms, customers should see Valex's DDoS and route resilience as a managed upstream design.
The company can sell protected hosting without owning every mitigation system, but a customer's recovery path then depends on the provider's relationships with Cloudflare, Cosmic and any other upstreams that carry or filter traffic.
This is not a defect by itself. Small hosting providers often buy transit, DDoS scrubbing and facility services because owning them would be irrational at their scale. The risk is in the dependency stack. If a DDoS mitigation policy misclassifies game traffic, a customer may see latency or packet loss even when the origin server is healthy. If a Cloudflare or Cosmic route policy changes, a prefix may reconverge. If an upstream path degrades, the customer may experience an outage that the provider classifies differently under SLA exclusions.
If AS20473 is used for some paths, a customer may also be exposed to the behavior of a large commodity infrastructure network whose policies are outside Valex's direct control.
RIPEstat and RPKI evidence are positive for the current origin. The routing status for 23.134.124.0/24 showed the prefix last seen from AS36744 on 2026-07-12 with full IPv4 RIS peer visibility. The routing status for 2602:f76f::/44 showed the IPv6 prefix last seen from AS36744 with broad IPv6 visibility. The RPKI validation result for 23.134.124.0/24 was valid for AS36744, and the RPKI validation result for 2602:f76f::/44 also validated the current AS36744 origin. That route-security evidence is meaningfully better than an unregistered or unprotected edge.
But the same records show why customers should ask about change control. RIPEstat's routing-status history shows both visible prefixes first seen from AS19468 before later being seen from AS36744. BGP Hurricane Electric's AS36744 page currently reports two originated prefixes, while its AS19468 page is stale. Migration between ASNs can be normal housekeeping, but customers need clarity on which ASN is in production, which prefixes are portable, and what happens if Valex changes upstreams or ASN policy again. RPKI-valid origin is a foundation. It is not a complete answer to convergence, maintenance or mitigation behavior.
Data locality is a US promise unless a customer proves otherwise
The assignment category is global because the service can be ordered over the internet and the PeeringDB record uses a global scope. The physical and legal evidence, however, points mostly to the United States. The Security & Trust page names Los Angeles and Dallas. ARIN records locate the organization in California. The subprocessor list places infrastructure, payment and mitigation subprocessors in the United States.
The privacy and DPA pages describe cross-border transfer mechanisms and data-residency behavior, but the public material reviewed here does not establish a European, Asian or Latin American production facility for customer workloads.
The distinction matters for data sovereignty. A customer outside the United States can buy a global-looking hosting service and still place customer data on US infrastructure, through US subprocessors, with US law and contractual transfer mechanisms shaping access and disclosure. The Data Processing Addendum says processing may include hosting, storage, compute, transmission, backup and disaster recovery of customer content, and it gives customers a 30-day post-termination retrieval period followed by a deletion period. The privacy policy discusses account, billing, support, operational and security data, including infrastructure telemetry and support communications. Those are not merely compliance texts. They define where a customer's operational exhaust can go during normal service, support and incident response.
Valex's terms say that where a customer selects a designated region for data residency, customer data at rest will be stored within that region subject to exceptions. That sentence is useful only if the customer knows which regions exist for the ordered product. Public store pages reviewed here are dominated by US West language and US-oriented infrastructure disclosures. The status page monitors "US West Standard Compute" and "US West High Speed Compute." That status taxonomy suggests at least one operational region, but it does not prove a broad regional menu.
A customer with strict locality obligations should not rely on the word "global" in a network database or on globally reachable routes. It should obtain product-specific commitments about where disks, snapshots, backups, logs, support exports and disaster-recovery copies are stored.
This is where hosted capacity differs from software-as-a-service. A SaaS customer may focus on application data and user accounts. A VDS or game-server customer has to think about block devices, VM images, IP addresses, DNS records, backups, console access, SSH keys, abuse tickets and payment records. If Valex's Dallas site is used for backups, that may be acceptable for a US customer and problematic for a customer with narrower regional restrictions. If a backup is not application-consistent, the region is only one part of recovery risk.
If a customer has to export within 30 days after termination, the customer's own bandwidth, migration systems and alternate host must be ready before the clock starts.
The public evidence therefore supports the topic "Data sovereignty and locality" with a specific conclusion: Valex provides enough disclosure to identify US-centered dependencies, but not enough for a regulated customer to treat locality as settled without a written order form or support confirmation. The most important questions are not abstract. Which facility will host the workload? Can backups leave that facility? Are snapshots replicated to Dallas? Can support personnel access customer data from outside the chosen region? What happens to logs and abuse evidence?
Can the customer retrieve full images, not just files, if it needs to migrate?
The status page tells customers what Valex thinks is monitorable
The public status page API is small but revealing. It groups monitors into Websites, Cloud Compute Services and DNS. The website group includes the Valex Cloud website and Valex Cloud Compute Platform. The compute group includes US West Standard Compute and US West High Speed Compute. The DNS group includes Web Hosting DNS 1 and Web Hosting DNS 2. At the time checked, the public API listed no active incident and no maintenance entry.
Status pages are not comprehensive failure detectors. They show what a provider chooses to expose, not every internal dependency. Still, the Valex status taxonomy matters. It says the provider distinguishes the public website from the compute platform, distinguishes standard compute from high-speed compute, and treats web-hosting DNS as a distinct monitored service. If a customer runs a web-hosted site, a VDS and a game community, those are not the same failure path. DNS can fail while compute keeps running. High-speed compute can be unavailable while standard compute remains orderable.
The public website can be reachable through Cloudflare while the compute platform or origin network is impaired.
The status page also anchors the "US West" operating language. "US West Standard Compute" and "US West High Speed Compute" are narrower labels than "global cloud." They imply that the most visible compute estate is regionally framed. If a customer expects low latency from Europe or Asia, the public material does not prove a local region. If a customer expects facility failover within the same jurisdiction, the status page does not show it. If a customer expects a multi-region managed database or entity-storage continuity plan, the status page does not expose those services as separate public monitors.
Customers should use the status page as a starting point for operational questions. Does Valex publish historical uptime for each monitor? Are incidents backfilled after resolution? Are maintenance windows posted before kernel, hypervisor, router or storage work? Are DNS and compute monitors external to the network being monitored, or are they measured from inside the provider's own environment? Is a ping monitor for compute enough to capture storage degradation or packet loss under DDoS mitigation? The public API does not answer those questions, but it tells customers where to start.
The existence of a status page is still positive evidence. Many small hosts provide only a support address. Valex gives customers a public surface for platform state, and its legal terms describe support-ticket channels for SLA credit requests. That is a better position than silence. The downgrade is that the status page is not a replacement for a customer-run monitor from the customer's own geography and workload path. A ping to a compute node does not prove that a Minecraft server's tick rate is healthy, that a database write path is safe, or that a cPanel backup will restore.
Rack and hardware failure: the failure customers are most likely to feel
Valex sells CPU-specific packages: EPYC for standard VDS and budget game servers, Ryzen 7 and Ryzen 9 for high-speed tiers, and Ryzen 9950X for extreme and premium tiers. That specificity is attractive to buyers because it turns performance into a shopping attribute. It also turns hardware stock into a recovery dependency. If a Ryzen 9950X node fails and there is no spare in the same facility, the customer may be restored to a lower tier, wait for replacement hardware, accept a different geography, or move manually.
The storefront's "0 Available" signals on high-speed VDS and most standard-game tiers are therefore not just sales trivia. They are clues about how tight the physical shelf may be.
The terms recognize this in general form. Dedicated-server language in the public terms says hardware-failure remediation depends on replacement components, complexity and physical accessibility of the data-center facility. Backup terms say restoration times depend on data size, target resource, data-center load, network conditions and storage throughput. Those are ordinary caveats, but they are exactly where small-provider failures become painful. A customer does not fail over into an abstract service.
It fails over into available disk, available RAM, a spare IP, a route announcement, and an engineer or remote-hands process that can perform the repair.
There are several practical failure sequences to test. First, a single host failure: can Valex move the VM image or game-server files to another host without changing IP address? Second, a storage pool failure: are backups independent from the failed pool, and are they verified? Third, a facility access event: can replacement work proceed if staff cannot enter the primary site? Fourth, a capacity shortage: if high-speed tiers are sold out, does Valex reserve hidden recovery capacity for existing customers, or does sold-out retail capacity also mean no equivalent spare?
Fifth, a maintenance collision: if a host is being patched during an upstream event, which service wins support attention?
Customers should also separate backup existence from restore assurance. Elysia's web-hosting page advertises backups, and its backup terms describe backup features, but the public terms place substantial verification responsibility on the customer. A completed backup job is not the same as an application-consistent restore. For a web shop, a restored file tree without a consistent database may be unusable. For a game community, a world save taken during a write can roll back or corrupt state. For a VDS customer, a block snapshot may not include external DNS, firewall rules, API keys or third-party licenses.
The result is a hosted-capacity business where the customer must test not only uptime, but recovery semantics.
The customer group most exposed to this failure path is the one using Valex as its only infrastructure provider. A hobby game server can tolerate a rebuild. A small business site may not. A SaaS startup using a budget VDS for production should assume that provider-side redundancy is not the same as a business-continuity plan. It should maintain off-provider backups, know how to rebuild DNS elsewhere, and avoid depending on a single provider-specific image format. Valex may be a rational low-cost host for many workloads, but the more important the workload, the less acceptable it is to outsource the entire recovery path to a public SLA credit.
Upstream, mitigation and route failure: when the server is healthy but unreachable
The second major failure path is upstream or mitigation failure. Because Valex's edge uses Cloudflare, Cosmic and at least one additional observed neighbor, the customer can lose reachability even if the origin server and storage are healthy. DDoS mitigation can rate-limit or filter traffic. BGP changes can reconverge slowly or produce asymmetric paths. An upstream can withdraw a route. A prefix can remain visible globally while a specific region or carrier sees packet loss. Public route collectors are excellent at proving macro reachability, but they cannot guarantee customer experience from every access network.
Valex's route-security posture is a positive starting point. Current RPKI validation for AS36744 on both visible prefixes reduces the risk that route leaks or unauthorized origins are accepted by networks enforcing RPKI. The RIPEstat visibility data for 23.134.124.0/24 showed broad IPv4 collector visibility on 2026-07-12, and the visibility data for 2602:f76f::/44 showed broad IPv6 visibility with one listed non-seeing full-table peer in the sampled results. BGP Hurricane Electric also reports AS36744's originated prefixes as RPKI-valid. For a small host, that is a meaningful baseline.
The limitation is diversity. RIPEstat counted three observed neighbors, while CAIDA reported AS36744 with a two-provider degree and a one-prefix cone. PeeringDB listed no exchanges. That means customers should not assume dense route optionality. If Cloudflare is the main mitigation path for customer-facing traffic and Cosmic is both data-center or colocation partner and upstream/migration partner, a Cosmic or Cloudflare policy event can be more than a single supplier problem. It can be a combined facility, transit, mitigation and support dependency.
Customers should ask Valex several route-specific questions before placing critical services. Which prefixes are used for each product? Can a customer bring its own IP space? Are customer prefixes accepted, and if so, what RPKI and IRR requirements apply? Can Valex announce customer space from both Los Angeles and Dallas? Are DDoS-protected paths always through Cloudflare and Cosmic Guard, or does the customer choose? Does the SLA measure reachability from provider monitors or from diverse external probes? How are route changes communicated? Is there a looking glass or route-policy page beyond the PeeringDB record?
The answer may be perfectly adequate for many buyers. A web-hosting customer behind Cloudflare DNS and a CDN may care less about raw AS path than about cPanel, mail and site uptime. A latency-sensitive game community may care intensely about mitigation-induced jitter. A VDS customer running APIs may care about stable egress reputation and customer IP continuity. This is why Valex's hosted capacity should be assessed by workload, not by a single label such as cloud, hosting or game server.
Billing, support and control-plane failure can become infrastructure failure
Small infrastructure providers often fail customers through the control plane before the servers fail. Valex's billing portal is a WHMCS-style customer system used for ordering, login, invoices, tickets and services. The billing login page presents account management, hosting, billing, tickets and service access. The public privacy policy identifies support data, billing data and operational data as categories processed by the provider. That means the control plane is a real dependency: if the portal is unreachable, a customer may be unable to pay, open tickets, retrieve invoices, change service settings or request restoration.
The status page includes "Valex Cloud Compute Platform" as a website monitor, suggesting that the provider sees the compute control plane as distinct from the public marketing website. That is good, because a customer outage can involve the platform even when existing VMs keep running. A payment failure can suspend service. A support backlog can stretch repair windows. A console outage can block a customer from diagnosing its own server. A DNS-control issue can break web-hosting customers whose origin machines are healthy.
A customer who cannot access invoices or prove payment during a billing dispute may experience infrastructure unavailability as an administrative problem.
The legal documents make this more concrete. The SLA requires customers to submit service-credit requests through support channels within a deadline, and it treats provider monitoring as the authoritative basis unless a customer can show material error. That creates a practical burden: customers need their own monitoring data, but they also need access to the provider's ticket system to claim credits. A credit is not a restore. It is a future invoice adjustment, capped and conditioned by the agreement. For a production customer, the economic remedy is far weaker than the operational need to get traffic, data and service back.
Support hours deserve attention. ARIN lists standard NOC hours as 7:00 AM to 9:00 PM Pacific time. The marketing pages say support is available around the clock, but the registry NOC statement is narrower. Those statements can coexist if front-line support is available at all times and full NOC escalation follows a schedule, or if the ARIN data is conservative. Customers should clarify the difference. For a global buyer, a Pacific-time support window can be a meaningful recovery constraint. For a US West customer, it may be acceptable.
For a European or Asian customer running a game community at local evening peak, it can turn a short incident into an overnight wait.
The safer operating model is to assume that Valex can provide routine hosting support and escalation, but that the customer remains responsible for independent monitoring, off-provider backups, documented rebuild steps and a payment method that will not fail silently. That is not a criticism unique to Valex. It is the normal bargain of lower-cost hosted infrastructure: the provider reduces entry cost and complexity, while the customer keeps a larger share of continuity engineering than it might on a premium managed platform.
What would settle the open questions
The public evidence is enough to reject the weakest hypothesis, that Valex Cloud is only a name with no live operating footprint. It is not enough to prove the strongest hypothesis, that Valex can absorb a rack, upstream, hardware-stock or provider-contract failure without customer-visible impact. The missing evidence is specific and testable.
First, Valex could publish a clearer region and facility matrix. The current trust page names Los Angeles and Dallas, but customers need product-to-location mapping. Standard VDS, high-speed VDS, extreme VDS, web hosting, DNS, backups and game servers may not share the same placement or failover behavior. A simple table showing where each product can run, whether backups are local or remote, and whether failover is automatic or manual would materially improve the evidence grade.
Second, Valex could expose network policy and route transparency. PeeringDB has the company record, but no exchange or facility entries. A public looking glass, current upstream list, IRR as-set policy, RPKI/ROA statement and customer-prefix policy would help customers understand whether their traffic depends on one mitigation path or has alternate exits. The company already publishes enough legal detail to name Cloudflare, Cosmic and upstream dependencies; publishing operational network detail would match that level of candor.
Third, the company could distinguish retail stock from recovery reserve. A product shelf with zero available units does not tell an existing customer whether equivalent spare capacity is reserved for failures. A short statement that explains whether Valex maintains spare hosts per tier, whether sold-out shelves still have emergency migration capacity, and what substitutions are offered during hardware shortage would directly answer the most important hosting-economics question.
Fourth, Valex could publish restore tests or at least restore objectives by product. The current terms describe backups and limitations, but customers need operational expectations. How long does a web-hosting restore normally take for 10 GB, 50 GB or 100 GB plans? Can a VDS image be restored in Dallas if Los Angeles fails? Are snapshots application-consistent or crash-consistent? Can customers export images in a standard format? Does object storage replicate across facilities? If the answers vary by plan, that variation should be explicit.
Fifth, Valex could preserve and publish incident history. The status API was quiet at the time checked, but mature infrastructure evidence comes from how a provider records disruption, not only from a green page between incidents. Post-incident notes, maintenance histories and monitor uptime summaries would help customers evaluate repair windows and communication quality. Without that history, prospective users must infer resilience from routing data, policy text and storefront inventory.
The buyer's practical read
Valex Cloud LLC should be read as a small live hosted-capacity provider with an orderable Elysia Cloud product surface, current AS36744 routing, valid RPKI for visible prefixes, US-centered facility disclosures and explicit reliance on Cosmic and Cloudflare-related infrastructure. That is a meaningful footprint. It is stronger than a dormant ASN and stronger than a reseller page with no route identity. It is also materially thinner than a multi-region cloud with independently verifiable facilities, rich peering, public postmortems and product-level recovery commitments.
For lightweight workloads, that may be an acceptable bargain. A small website, test environment, community game server or non-critical application may value low friction and hardware-per-dollar more than formal failover. For production workloads, the buyer should treat Valex as one component in a broader continuity plan. Keep off-provider backups. Test restores. Run external monitoring. Keep DNS portable. Avoid provider-specific images where practical. Confirm whether a selected product is in Los Angeles, Dallas or both. Ask how many equivalent spare nodes exist. Ask whether high-speed and extreme tiers can be replaced during a host failure.
Ask what happens if Cloudflare Magic Transit, Cosmic Guard or an upstream path is degraded.
The evidence grade is therefore Medium. The company has live service, live route origin, visible prefixes, RPKI validation, a status page, billing shelves and substantial policy documents. The downgrade is equally concrete: the live public edge is small; AS19468 is stale; PeeringDB does not corroborate facilities or exchange presence; product shelves show capacity constraints in several high-performance categories; and public sources do not prove tested multi-site recovery, spare hardware, storage independence, support escalation or customer migration outcomes. Valex Cloud can sell hosted capacity.
The customer's job is to verify whether that capacity is recoverable when the rack, upstream, hardware shelf or support path is under stress.

