# Servermania Ad Stalking Lowendtalk.com and Lowendbox.com Visitors



## drmike (Oct 2, 2014)

*Draining Sales from other Lowendtalk and Lowendbox Companies*

Have you ever visited Servermania's website? Wondering why wherever you go online you keep seeing Servermania ads for dedicated servers of VPS packages? Seen such on Facebook, Youtube, random websites that run Google Ads?

Odds are you are a visitor to Lowendtalk.com or Lowendbox.com. You contracted the Servermania ad stalking plague via one of those sites.

When you go to Lowendtalk.com or Lowendbox.com you receive a cookie in your browser for AdRoll and their 'client' Servermania.

You can find the ad bug by going to either site and viewing the page source. Go to the very bottom of the page and you find:


<script type="text/javascript">
adroll_adv_id = "QJSDIDC4UFEMBMV27GEVT4";
adroll_pix_id = "GMBHGZ3CGRFJLERGSOGDO4";
(function () {
var oldonload = window.onload;
window.onload = function(){
__adroll_loaded=true;
var scr = document.createElement("script");
var host = (("https:" == document.location.protocol) ? "https://s.adroll.com" : "http://a.adroll.com");
scr.setAttribute('async', 'true');
scr.type = "text/javascript";
scr.src = host + "/j/roundtrip.js";
((document.getElementsByTagName('head') || [null])[0] ||
document.getElementsByTagName('script')[0].parentNode).appendChild(scr);
if(oldonload){oldonload()}};
}());
</script>

adroll_adv_id = the unique advertiser identifier

Plugging QJSDIDC4UFEMBMV27GEVT4 into Google:

https://www.google.com/?gws_rd=ssl#safe=off&q=QJSDIDC4UFEMBMV27GEVT4

Yields:

https://tools.digitalpoint.com/cookie-search?cookie_domain=.www.servermania.com

Therein:

servermania.com Aug 27, 2014 Name *__ar_v4* Domain *.www.servermania.com* Expires Value *|QJSDIDC4UFEMBMV27GEVT4:20140826:1|GMBHGZ3CGRFJLERGSOGDO4:20140826:1|T7TC7EIUQJDNVPRCMYQV3Z:20140826:1*

Cross referencing this to Servermania:

view-source:https://web.archive.org/web/20140208055456/http://www.servermania.com/

Archive.org site grab of Servermania.com from February 8, 2014:

Lines 684-700:


<script type="text/javascript">
   
adroll_adv_id = "QJSDIDC4UFEMBMV27GEVT4";
adroll_pix_id = "GMBHGZ3CGRFJLERGSOGDO4";

(function () {
var oldonload = window.onload;
window.onload = function(){
__adroll_loaded=true;
var scr = document.createElement("script");
var host = (("https:" == document.location.protocol) ? "/web/20140208055456/https://s.adroll.com" : "/web/20140208055456/http://a.adroll.com");
scr.setAttribute('async', 'true');
scr.type = "text/javascript";
scr.src = host + "/j/roundtrip.js";
((document.getElementsByTagName('head') || [null])[0] ||
document.getElementsByTagName('script')[0].parentNode).appendChild(scr);
if(oldonload){oldonload()}};
}());
</script>

*What is AdRoll?*

A thread was started on vpsBoard about AdRoll as precursor to this:



AdRoll is off-site re-marketing. A visitors comes to your website. They do not buy. You feed them an AdRoll cookie. 20 minutes later when they are elsewhere online BLAMO! up comes an ad for your site, where they just were.

AdRoll significantly increases sales for most companies.

AdRoll isn't the only company doing this sort of thing. Google has similar cooked directly into their own ad offering. AdRoll opens the concept up to many more advertising networks including Facebook.

Smart conceptually AdRoll is when implemented on your own site.

*Why This Sort of Re-Marketing is BAD*

Re-marketing is iffy to start with. Many consumers consider this ad stalking and are weirded out by such.

Re-marketing is rife with ad click fraud. It is more infested with fraud than straight ad buys since the end delivery sites are often vague, and sometime 3rd party where the original “qualifying” cookie placement happened.

To consumers this is ad stalking and doing it via a third party website is just being a dirt bag.

To you, if you are a company that sells dedicated servers or sells VPS and does so through LET and LEB, ColoCrossing and Servermania are screwing you out of sales. They are absorbing customers through these sales via ads on other sites where they've targetted ALL LET AND LEB visitors as Servermania leads. In the process they've even tagged you the company owner and competitor as a lead.

Servermania is Colocrossing's largest customer and has a special investment relationship with Colocrossing.

This points to something larger and more sinister though.

*How Long has LowendTalk and Lowendbox been Bugged by Servermania?*

Lowendtalk June 28, 2013, Archive.org capture doesn't include the AdRoll code:

view-source:https://web.archive.org/web/20130628205642/http://www.lowendtalk.com/

*Lowendtalk August 5, 2013, Archive.org capture DOES include Adroll code:*

view-source:https://web.archive.org/web/20130805071054/http://lowendtalk.com/

Lowendbox July 9, 2013, Archive.org capture doesn't include the AdRoll code:

https://web.archive.org/web/20130709035639/http://www.lowendbox.com/

*Lowendbox July 12, 2013, Archive.org capture DOES include the AdRoll code:*

view-source:https://web.archive.org/web/20130712053326/http://www.lowendbox.com/

So both sites *were likely bugged July 9-12, 2013, and have been ever since*.

*What should people do about this?*

Advertisers on LET and LEB should reconsider their spending on BuySellAd campaigns.

Others should demand Servermania bugging via AdRoll be removed from LET and LEB.

Everyone should demand LET and LEB run in a more transparent and honest fashion free of these shell companies and investments they are so fond of hiding behind (ChicagoVPS, UGVPS, 123Systems, BlueVM, HVH, etc.)

Demand action addressing the never ending Servermania shilling on LEB (masses of offers under their own shell company garbage).


----------



## Nett (Oct 2, 2014)

Good findings there... is this against AdRoll's policies or not?


----------



## mikeyur (Oct 2, 2014)

So.. I don't get what this has to do with BuySellAds customers.. Even though I don't think anyone should be wasting money on non-retargeting display ads anyways.

As a marketer: retargeting/remarketing ads are AWESOME. As a consumer: I run Adblock.

Re: Adroll rules. I do not believe this is against their TOS - all you need to do is drop a pixel and you're good to go. Many of our clients have large parent companies and we cross-target ads against their sites all the time (Adroll, Google Remarketing, etc).

This may be an issue for LET/LEB (and parent company) if they do not have a proper privacy policy in place that explicitly states they use remarketing ads.


----------



## drmike (Oct 2, 2014)

Nett said:


> Good findings there... is this against AdRoll's policies or not?


That's a loaded question because the advertising industry continues to insist on self regulation while walking a narrow line with government, private advocates, etc.

Let's say those who make money in such way lack common sense and decency. Later the confess, pay some fines and hope to avoid criminal prosecution.

AdRoll allows it per se (but they have mixed messages about it).  The related ad industry even has a name for this sort of nasty practice (which typically when implemented is more innocent in nature like buying an AdRoll bugging in a site in Los Angeles that covers local LA events) - it doesn't involve companies like  in this instance conspiring to control an entire marketplace.

AdRoll used in the local example is meh, very questionable.

AdRoll used in this instance is furtherance of organized fraud by LET and LEB.


----------



## drmike (Oct 2, 2014)

mikeyur said:


> So.. I don't get what this has to do with BuySellAds customers.. Even though I don't think anyone should be wasting money on non-retargeting display ads anyways.
> 
> This may be an issue for LET/LEB (and parent company) if they do not have a proper privacy policy in place that explicitly states they use remarketing ads.


BSA ad buyers are spending real cash on LET and LEB.  Yet allegedly as-is so is Servermania (as per their weird direct ad on both sites served directly from Wordpress).

Slew of company ads on a page, but we have Servermania with the ad bugging to top the pie off and hard core sales cornering off site.  People should be asking too why SM ad isn't through BSA.

I mean neither is HudsonValleyHost's ad on the footer, but we long ago forced that situation out into public that CC owned HVH.

"This may be an issue for LET/LEB (and parent company) if they do not have a proper privacy policy in place that explicitly states they use remarketing ads."

LET and LEB lack Privacy Policy, Terms of Service and proper contact details.  Never have had any of these.


----------



## mikeyur (Oct 2, 2014)

So you're talking about the morals of a corporation and not the legal ramifications of their actions, correct?

Nothing I see them doing is breaking any rules - it's totally fine to run private ads outside without a network, anyone can do direct sales. Tagging other sites, that allow you, with your Adroll/remarketing code isn't an issue.

You just have a problem with LET/LEB/CC specifically doing these things?



drmike said:


> LET and LEB lack Privacy Policy, Terms of Service and proper contact details.  Never have had any of these.


Then report them on that.


----------



## drmike (Oct 2, 2014)

mikeyur said:


> So you're talking about the morals of a corporation and not the legal ramifications of their actions, correct?
> 
> Nothing I see them doing is breaking any rules - it's totally fine to run private ads outside without a network, anyone can do direct sales. Tagging other sites, that allow you, with your Adroll/remarketing code isn't an issue.
> 
> ...


Legal ramifications with them is open barrel without a bottom at this point.  Amount of fraud going on around ColoCrossing is nothing to ignore, even if it is being apparently ignored.

Do the math, May 2013, hack.  CC forced out into the open as the owner of LET/LEB after lying for a year or more.

< 2 months afterwards as traffic there in a big valley, out comes this "re-marketing" bug.    This isn't some straight up normal thing companies do -- then again neither is a provider owning an at-large marketplace anything normal.

How would it sit if WebhostingTalk started AdRoll infesting their pages with say a remarketing code for Hetzner?  Think the other thousands of companies that participate in WHT and probably use AdRoll themselves on their OWN site would be miffed?   Now imagine if WebhostingTalk actually owned Hetzner also and kept that a secret.

Clearly what they are up to is fraud and this is an extension of that.

Servermania makes sale ---> money to CC directly.

Me I have a problem with anyone cookie stuffing people like this subversively and slyly.  Especially where the whole who owns who and what has been shrouded at every turn with them lying.  Fraud by deception over and over.

Reporting for lack of privacy policy and other matter ---

Report them to whom?  It ought to be required by law and all, but isn't.

Closest we get here is this, AdRoll's own Policies, http://www.adroll.com/about/privacy  which says:



> "Other Sites Policies
> 
> AdRoll has no control over, nor does it bear any of the responsibility for the privacy policies and/or content of any sites or advertisers linked to or on AdRoll’s website, or the cookies these sites might set in your browser. AdRoll requires that Advertisers that have elected to use AdRoll provide a descriptive privacy policy linked to from their website describing their practices regarding Online Behavioral Advertising."



Servermania's own Privacy Policy Fails to mention Online Behavioral Advertising http://www.servermania.com/privacy-policy.htm ....  and as we saw, they ran this AdRoll bugging on their own site back in February and prior.



> Privacy Policy
> Server Mania has a long-standing policy of protecting customer privacy.
> 
> We believe that you should know what information we collect from you, as well as how that information is used, disclosed, and protected. We have created this policy statement (the "Policy") to explain our privacy practices and policies..
> ...


ColoCrossing who owns these Lowend sites lacks any proper documents on this site also (just like LET and LEB), but would legally claim likely when cornered that they don't own LET/LEB.

LowendBox footer is updated to reflect is it part of VSNX (LowEndBox. Part of the VSNX Family of Companies. ):

Link: http://vsnx.net

VSNX also entirely lacks common policy documents.


----------



## GIANT_CRAB (Oct 2, 2014)

Not going to give a fuck since I have ad block plus


----------



## drmike (Oct 2, 2014)

GIANT_CRAB said:


> Not going to give a fuck since I have ad block plus


AdBlockPlus indeed blocks AdRoll - there are 10 entries for AdRoll in EasyList for ABP.


----------



## mikeyur (Oct 2, 2014)

GIANT_CRAB said:


> Not going to give a fuck since I have ad block plus





drmike said:


> AdBlockPlus indeed blocks AdRoll - there are 10 entries for AdRoll in EasyList for ABP.


This is indeed the answer if you have problems being tracked. Again, I run multiple Adroll campaigns for clients that spend 10s of thousands a month on this stuff - and I run ABP..

Re: providers being pissed off if ServerMania tags a user first - that doesn't mean much. The way inventory works for different sites/retargeting systems varies a lot. But basically a user would see ads from both, they might get more from one if they have a larget budget or in the case of other remarketing systems - have a higher bid.

If I didn't run adblock I'd be getting tagged by all my client sites that I visit daily, and pretty much every other site online. And depending on what other sites I visit, I'd see some more than others - but mostly it would spread them out evenly.

Having a large retargeting base doesn't hugely help you. Having a more relevant targeting base is the key.

I'm fairly new to this community and LET/LEB - so I don't have the full backstory on everything, just bits and pieces that come up. I understand your point and concerns - just wanted to work out whether your qualm was with the technologies themselves or who is using them.

Re: privacy policy. I know Google is much more strict about these things compared to Adroll. It also depends on the physical location the site is hosted in and what their privacy laws are. In the US & Canada, where our clients are located, it's much more about the ad company's policies than legal problems. Looks like Adroll is going the "not our problem" route on this one.


----------



## AnthonySmith (Oct 2, 2014)

this post made me want to start using adroll  those servermania adverts 'seemed' to have incredible penetration, now I know why.


----------



## MannDude (Oct 2, 2014)

Ah, now I know why I see their ads everywhere. Not sure if it's a direct violation of adroll's policy or not, but regardless, still a tad shady I think.

It'd be like me using vpsBoard to cookie stuff so when you sign up for digitalocean, I get a affiliate credit or something.

Though I guess the real question would be why is ServerMania obtaining access to unique and private forms of advertising not offered to others? The adroll 'partnership' (if you'd call it that) as well as the unique advertising spots only available to them and Colocrossing's own HudsonValleyHost. Not that it _really_ _matters_, LET/LEB are privately owned sites but given the fact that ServerMania resells Colocrossing and Colocrossing only it seems a bit suspect. Business as usual though, of course they (CC) will be interested in seeing the brands who resell them grow more than others, it only makes sense as it all trickles up. That's nothing new. Just sucks for the other hosts who are trying to run a business who get less coverage because a provider owns that marketplace and has an interest in helping those who resell them grow and those only.


----------



## mikeyur (Oct 2, 2014)

AnthonySmith said:


> this post made me want to start using adroll  those servermania adverts 'seemed' to have incredible penetration, now I know why.


It's a ridiculously effective advertising method, and I think Adroll's minimum is $20 or $25/week. I'm under the same username on the LES forum - shoot me an email if you want some help/advice on setup.


----------



## Epidrive (Oct 2, 2014)

Now i know why i keep on seeing theirs ads everywhere, i thought I was just in their target audience.. Turns out to be more than that.


----------



## tragic (Oct 2, 2014)

Epidrive said:


> Now i know why i keep on seeing theirs ads everywhere, i thought I was just in their target audience.. Turns out to be more than that.


Makes two of us. Been seeing their ads blasted over Facebook as well.


----------



## QuadraNet_Adam (Oct 2, 2014)

This is news to me, it's an effective and a creative way of marketing (I'll give them that), but not so ethical and if I am correct it violates AdRoll's policies.

You would think LEB/LET would stick this tracking code in their site to advertise/benefit for their parent company (ColoCrossing), but instead they are just doing it for one of their clients ServerMania? Unless things have changed since I last checked, and CC now owns ServerMania? Is SM more than just a client now? Please enlighten me, I honestly haven't been keeping up with that front.


EDIT: I just read that LEB/LET has been bugged with this code since July 2013. Hmm, that's interesting.


----------



## MattKC (Oct 2, 2014)

Given colocrossings history of trying to hide acquisitions, and cvps's same tactic to avoid forum bans, it wouldn't surprise me in the least. Either that or SM offered the most dirty cash for the honor.


----------



## Kris (Oct 2, 2014)

Again?  :lol:

http://bgp.he.net/AS55286

That's them. Single homed to ColoCrossing with WHOIS at the CC 'datacenter'  - 311,000+ IPs as of today. 

They've been the ColoCrossing IP collector brand (250k -> 300k) since mid-2013.

Guess that's when CC got their /14 and it was harder to get more IPs under that name at ARIN.


----------



## Munzy (Oct 2, 2014)

As per Enjen's Asn-blocklist ::

https://www.enjen.net/asn-blocklist/index.php?asn=36352&type=iplist

Buffalo ===================================

The test IP for server mania in Buffallo is from colocrossing's IP space.

http://www.servermania.com/newyork-datacenter.htm

198.12.69.74 => 198.12.68.0/23 (cc)

Los Angeles ================================

Once again test IP is in CC's network.

23.229.123.150 => 23.229.112.0/20 (cc)

Chicago ====================================

And again....

23.254.113.106 => 23.254.112.0/20 (cc)

*Atlanta ====================================*

*... and by far the weirdest....!*

192.157.59.250 => 192.157.56.0/22

Which is in the b2net space as per Enjen:: https://www.enjen.net/asn-blocklist/index.php?asn=AS55286&type=iplist

http://www.servermania.com/atlanta-datacenter.htm for more info.

Munzy


----------



## Kris (Oct 2, 2014)

ASNumber: 55286
ASName: SERVER-MANIA
ASHandle: AS55286
RegDate: 2013-05-16
Updated: 2013-05-16

*Under 18 months they've amassed 311,000+ IPs. Remember this when you're waiting weeks for your next /22. *

Add the special ad code (where they didn't go through BSA) and... not rocket science.


----------



## drmike (Oct 2, 2014)

MattKC said:


> Given colocrossings history of trying to hide acquisitions, and cvps's same tactic to avoid forum bans, it wouldn't surprise me in the least. Either that or SM offered the most dirty cash for the honor.


Servermania is far worse than acquisition.  Unsure if SM has money in CC or CC has money in SM.

Upgrades in Buffalo have involved Servermania cash and I think we found the how the cash originated.

Biloh is and has been BEST FRIENDS with brothers Justin Blanchard and Kevin Blanchard, owners of Servermania for years. We can say their friendship is in real life.  

Forum bans and CC swiping LET/LEB ownership are a funny combination when you realize and finally see ColoCrossing owns and has owned ChicagoVPS.   I've liked punting Fabozzi as the idiot in Buffalo, but the actions, the direction and most of the shilling for CVPS shell companies has been orchastrated by and created by Biloh himself.

I wouldn't say all this if I wasn't in the know. I've seen multiple pieces of proof.  Day is coming when documents are accompanied by legal folks putting an end to the Buffalo circus.  It is just a matter of when now.

Might be other implications on failure to declare data breeches by ColoCrossing for the multiple CVPS hacks.

Since OnApp now owns SolusVM, perhaps now we can see some intellectual licensing enforcement against ChicagoVPS @NullMind  ?    Have the folks at OnApp read this:   ???


----------



## toadyus (Oct 2, 2014)

Maarten admitted in the GVH thread that they know companies are impersonating / operating under a fictitious names and that he's not allowed to warn people, that my friends is very alarming to me.

Here's is he snippit from let:



hellogoodbye said: Out of curiosity since I don't think it's stated outright in the rules: are LET members allowed to use multiple accounts and pose as different people like that?      


mkpossen said: They always have been and still are. We keep track of who is who. I am going to reconsider this, though.

joelgm said: Can you give me one good reason why? Don't you think prospective customers ought to know that their host is impersonating/operating under a fictitious id?

mpkossen said:I cannot. It's something I inherited. I'm currently seeking to change that policy, but my staff will need to agree with that before I can.

Source: http://lowendtalk.com/discussion/35183/greenvaluehost-us-eu-high-storage-high-bandwidth-high-ram-20c-ips-9-plans-to-choose-from/p2


----------



## coreyman (Oct 2, 2014)

toadyus said:


> Maarten admitted in the GVH thread that they know companies are impersonating / operating under a fictitious names and that he's not allowed to warn people, that my friends is very alarming to me.
> 
> Here's is he snippit from let:
> 
> ...


Just wow, that's rediculous - I always did wonder why I saw servermania ads everywhere all the time.


----------



## DomainBop (Oct 2, 2014)

> "Other Sites Policies
> 
> AdRoll has no control over, nor does it bear any of the responsibility for the privacy policies and/or content of any sites or advertisers linked to or on AdRoll’s website, or the cookies these sites might set in your browser. *AdRoll requires that Advertisers that have elected to use AdRoll provide a descriptive privacy policy linked to from their website describing their practices regarding Online Behavioral Advertising."*





> What are your privacy policy requirements?
> The link to your site’s privacy policy should be clearly visible on all pages where you’re collecting personal information—not just your homepage. A good practice is to provide a link to your privacy policy right below all forms where a visitor is entering their information, as well as in the footer. This will ensure your privacy policy is prominently visible to your visitors.
> 
> We require that your privacy policy, at minimum, does the following:
> ...



 
The placement of the ad code on two sites (LowEndBox.com, LowEndTalk.com) that don't have any privacy policy is a violation of AdRoll's terms of service.  The fact that ServerMania  there is documented proof dating back to July 2013 that ServerMania's ad code has been placed on sites without a privacy policy could get them tossed out of AdRoll for TOS violations. (FYI, AdRoll does give violators 7 days to cure most violations after they're reported before they pull the plug).



> They've been the ColoCrossing IP collector brand (250k -> 300k) since mid-2013.


Mid-2013 (August to be exact) is also when Velocity Servers' operations went from being self-financed to financing their operations with a ton of secured debt (all those UCC's I've mentioned before).


----------



## AnthonySmith (Oct 3, 2014)

Is the policy referring to the target or the site hosting the code, I assume it is the latter but would be worth checking?


----------



## AndrewM (Oct 3, 2014)

toadyus said:


> Maarten admitted in the GVH thread that they know companies are impersonating / operating under a fictitious names and that he's not allowed to warn people, that my friends is very alarming to me.


Oh you have no idea how true this is, and how deep it runs.


----------



## DomainBop (Oct 3, 2014)

AnthonySmith said:


> Is the policy referring to the target or the site hosting the code, I assume it is the latter but would be worth checking?


It's referring to the sites that host the "cookie stuffing" code like ServerMania/LET, etc.


----------



## drmike (Oct 3, 2014)

https://www.youtube.com/watch?v=uHWX4pG0FNY#t=100


----------

