Servermania Ad Stalking Lowendtalk.com and Lowendbox.com Visitors

[drmike]

Draining Sales from other Lowendtalk and Lowendbox Companies

Have you ever visited Servermania's website? Wondering why wherever you go online you keep seeing Servermania ads for dedicated servers of VPS packages? Seen such on Facebook, Youtube, random websites that run Google Ads?

Odds are you are a visitor to Lowendtalk.com or Lowendbox.com. You contracted the Servermania ad stalking plague via one of those sites.

When you go to Lowendtalk.com or Lowendbox.com you receive a cookie in your browser for AdRoll and their 'client' Servermania.

You can find the ad bug by going to either site and viewing the page source. Go to the very bottom of the page and you find:


<script type="text/javascript">
adroll_adv_id = "QJSDIDC4UFEMBMV27GEVT4";
adroll_pix_id = "GMBHGZ3CGRFJLERGSOGDO4";
(function () {
var oldonload = window.onload;
window.onload = function(){
__adroll_loaded=true;
var scr = document.createElement("script");
var host = (("https:" == document.location.protocol) ? "https://s.adroll.com" : "http://a.adroll.com");
scr.setAttribute('async', 'true');
scr.type = "text/javascript";
scr.src = host + "/j/roundtrip.js";
((document.getElementsByTagName('head') || [null])[0] ||
document.getElementsByTagName('script')[0].parentNode).appendChild(scr);
if(oldonload){oldonload()}};
}());
</script>

adroll_adv_id = the unique advertiser identifier

Plugging QJSDIDC4UFEMBMV27GEVT4 into Google:

https://www.google.com/?gws_rd=ssl#safe=off&q=QJSDIDC4UFEMBMV27GEVT4

Yields:

https://tools.digitalpoint.com/cookie-search?cookie_domain=.www.servermania.com

Therein:

servermania.com Aug 27, 2014 Name __ar_v4 Domain .www.servermania.com Expires Value |QJSDIDC4UFEMBMV27GEVT4:20140826:1|GMBHGZ3CGRFJLERGSOGDO4:20140826:1|T7TC7EIUQJDNVPRCMYQV3Z:20140826:1

Cross referencing this to Servermania:

view-source:https://web.archive.org/web/20140208055456/http://www.servermania.com/

Archive.org site grab of Servermania.com from February 8, 2014:

Lines 684-700:


<script type="text/javascript">
   
adroll_adv_id = "QJSDIDC4UFEMBMV27GEVT4";
adroll_pix_id = "GMBHGZ3CGRFJLERGSOGDO4";

(function () {
var oldonload = window.onload;
window.onload = function(){
__adroll_loaded=true;
var scr = document.createElement("script");
var host = (("https:" == document.location.protocol) ? "/web/20140208055456/https://s.adroll.com" : "/web/20140208055456/http://a.adroll.com");
scr.setAttribute('async', 'true');
scr.type = "text/javascript";
scr.src = host + "/j/roundtrip.js";
((document.getElementsByTagName('head') || [null])[0] ||
document.getElementsByTagName('script')[0].parentNode).appendChild(scr);
if(oldonload){oldonload()}};
}());
</script>

What is AdRoll?

A thread was started on vpsBoard about AdRoll as precursor to this:



AdRoll is off-site re-marketing. A visitors comes to your website. They do not buy. You feed them an AdRoll cookie. 20 minutes later when they are elsewhere online BLAMO! up comes an ad for your site, where they just were.

AdRoll significantly increases sales for most companies.

AdRoll isn't the only company doing this sort of thing. Google has similar cooked directly into their own ad offering. AdRoll opens the concept up to many more advertising networks including Facebook.

Smart conceptually AdRoll is when implemented on your own site.

Why This Sort of Re-Marketing is BAD

Re-marketing is iffy to start with. Many consumers consider this ad stalking and are weirded out by such.

Re-marketing is rife with ad click fraud. It is more infested with fraud than straight ad buys since the end delivery sites are often vague, and sometime 3rd party where the original “qualifying” cookie placement happened.

To consumers this is ad stalking and doing it via a third party website is just being a dirt bag.

To you, if you are a company that sells dedicated servers or sells VPS and does so through LET and LEB, ColoCrossing and Servermania are screwing you out of sales. They are absorbing customers through these sales via ads on other sites where they've targetted ALL LET AND LEB visitors as Servermania leads. In the process they've even tagged you the company owner and competitor as a lead.

Servermania is Colocrossing's largest customer and has a special investment relationship with Colocrossing.

This points to something larger and more sinister though.

How Long has LowendTalk and Lowendbox been Bugged by Servermania?

Lowendtalk June 28, 2013, Archive.org capture doesn't include the AdRoll code:

view-source:https://web.archive.org/web/20130628205642/http://www.lowendtalk.com/

Lowendtalk August 5, 2013, Archive.org capture DOES include Adroll code:

view-source:https://web.archive.org/web/20130805071054/http://lowendtalk.com/

Lowendbox July 9, 2013, Archive.org capture doesn't include the AdRoll code:

https://web.archive.org/web/20130709035639/http://www.lowendbox.com/

Lowendbox July 12, 2013, Archive.org capture DOES include the AdRoll code:

view-source:https://web.archive.org/web/20130712053326/http://www.lowendbox.com/

So both sites were likely bugged July 9-12, 2013, and have been ever since.

What should people do about this?

Advertisers on LET and LEB should reconsider their spending on BuySellAd campaigns.

Others should demand Servermania bugging via AdRoll be removed from LET and LEB.

Everyone should demand LET and LEB run in a more transparent and honest fashion free of these shell companies and investments they are so fond of hiding behind (ChicagoVPS, UGVPS, 123Systems, BlueVM, HVH, etc.)

Demand action addressing the never ending Servermania shilling on LEB (masses of offers under their own shell company garbage).

 

[Nett]

Good findings there... is this against AdRoll's policies or not?

 

[mikeyur]

So.. I don't get what this has to do with BuySellAds customers.. Even though I don't think anyone should be wasting money on non-retargeting display ads anyways.

As a marketer: retargeting/remarketing ads are AWESOME. As a consumer: I run Adblock.

Re: Adroll rules. I do not believe this is against their TOS - all you need to do is drop a pixel and you're good to go. Many of our clients have large parent companies and we cross-target ads against their sites all the time (Adroll, Google Remarketing, etc).

This may be an issue for LET/LEB (and parent company) if they do not have a proper privacy policy in place that explicitly states they use remarketing ads.

 

[drmike]

Good findings there... is this against AdRoll's policies or not?

That's a loaded question because the advertising industry continues to insist on self regulation while walking a narrow line with government, private advocates, etc.

Let's say those who make money in such way lack common sense and decency. Later the confess, pay some fines and hope to avoid criminal prosecution.

AdRoll allows it per se (but they have mixed messages about it).  The related ad industry even has a name for this sort of nasty practice (which typically when implemented is more innocent in nature like buying an AdRoll bugging in a site in Los Angeles that covers local LA events) - it doesn't involve companies like  in this instance conspiring to control an entire marketplace.

AdRoll used in the local example is meh, very questionable.

AdRoll used in this instance is furtherance of organized fraud by LET and LEB.

 

[drmike]

So.. I don't get what this has to do with BuySellAds customers.. Even though I don't think anyone should be wasting money on non-retargeting display ads anyways.

This may be an issue for LET/LEB (and parent company) if they do not have a proper privacy policy in place that explicitly states they use remarketing ads.

BSA ad buyers are spending real cash on LET and LEB.  Yet allegedly as-is so is Servermania (as per their weird direct ad on both sites served directly from Wordpress).

Slew of company ads on a page, but we have Servermania with the ad bugging to top the pie off and hard core sales cornering off site.  People should be asking too why SM ad isn't through BSA.

I mean neither is HudsonValleyHost's ad on the footer, but we long ago forced that situation out into public that CC owned HVH.

"This may be an issue for LET/LEB (and parent company) if they do not have a proper privacy policy in place that explicitly states they use remarketing ads."

LET and LEB lack Privacy Policy, Terms of Service and proper contact details.  Never have had any of these.

 

[mikeyur]

So you're talking about the morals of a corporation and not the legal ramifications of their actions, correct?

Nothing I see them doing is breaking any rules - it's totally fine to run private ads outside without a network, anyone can do direct sales. Tagging other sites, that allow you, with your Adroll/remarketing code isn't an issue.

You just have a problem with LET/LEB/CC specifically doing these things?

LET and LEB lack Privacy Policy, Terms of Service and proper contact details.  Never have had any of these.

Then report them on that.

 

[drmike]

So you're talking about the morals of a corporation and not the legal ramifications of their actions, correct?

Nothing I see them doing is breaking any rules - it's totally fine to run private ads outside without a network, anyone can do direct sales. Tagging other sites, that allow you, with your Adroll/remarketing code isn't an issue.

You just have a problem with LET/LEB/CC specifically doing these things?

Then report them on that.

Legal ramifications with them is open barrel without a bottom at this point.  Amount of fraud going on around ColoCrossing is nothing to ignore, even if it is being apparently ignored.

Do the math, May 2013, hack.  CC forced out into the open as the owner of LET/LEB after lying for a year or more.

< 2 months afterwards as traffic there in a big valley, out comes this "re-marketing" bug.    This isn't some straight up normal thing companies do -- then again neither is a provider owning an at-large marketplace anything normal.

How would it sit if WebhostingTalk started AdRoll infesting their pages with say a remarketing code for Hetzner?  Think the other thousands of companies that participate in WHT and probably use AdRoll themselves on their OWN site would be miffed?   Now imagine if WebhostingTalk actually owned Hetzner also and kept that a secret.

Clearly what they are up to is fraud and this is an extension of that.

Servermania makes sale ---> money to CC directly.

Me I have a problem with anyone cookie stuffing people like this subversively and slyly.  Especially where the whole who owns who and what has been shrouded at every turn with them lying.  Fraud by deception over and over.

Reporting for lack of privacy policy and other matter ---

Report them to whom?  It ought to be required by law and all, but isn't.

Closest we get here is this, AdRoll's own Policies, http://www.adroll.com/about/privacy  which says:

"Other Sites Policies

AdRoll has no control over, nor does it bear any of the responsibility for the privacy policies and/or content of any sites or advertisers linked to or on AdRoll’s website, or the cookies these sites might set in your browser. AdRoll requires that Advertisers that have elected to use AdRoll provide a descriptive privacy policy linked to from their website describing their practices regarding Online Behavioral Advertising."

Servermania's own Privacy Policy Fails to mention Online Behavioral Advertising http://www.servermania.com/privacy-policy.htm ....  and as we saw, they ran this AdRoll bugging on their own site back in February and prior.

Privacy Policy
Server Mania has a long-standing policy of protecting customer privacy.

We believe that you should know what information we collect from you, as well as how that information is used, disclosed, and protected. We have created this policy statement (the "Policy") to explain our privacy practices and policies..

We will not sell or disclose your personal information to unaffiliated third parties without your consent except as otherwise provided in this Policy or our Terms of Service and Appropriate Use Policy. We may use information about who you are, where and when you browse on the Web, where your wireless device is located, and how you use our network to provide you better service and enrich your user experience when you sign up or use any of our products or services.

Server Mania will revise and update this Policy as it deems appropriate, including, for example, if our practices change or if changes in the law so require. You should refer back to this page for the latest information.

ColoCrossing who owns these Lowend sites lacks any proper documents on this site also (just like LET and LEB), but would legally claim likely when cornered that they don't own LET/LEB.

LowendBox footer is updated to reflect is it part of VSNX (LowEndBox. Part of the VSNX Family of Companies. ):

Link: http://vsnx.net

VSNX also entirely lacks common policy documents.

 

[GIANT_CRAB]

Not going to give a fuck since I have ad block plus

 

[drmike]

Not going to give a fuck since I have ad block plus

AdBlockPlus indeed blocks AdRoll - there are 10 entries for AdRoll in EasyList for ABP.

 

[mikeyur]

Not going to give a fuck since I have ad block plus

AdBlockPlus indeed blocks AdRoll - there are 10 entries for AdRoll in EasyList for ABP.

This is indeed the answer if you have problems being tracked. Again, I run multiple Adroll campaigns for clients that spend 10s of thousands a month on this stuff - and I run ABP..

Re: providers being pissed off if ServerMania tags a user first - that doesn't mean much. The way inventory works for different sites/retargeting systems varies a lot. But basically a user would see ads from both, they might get more from one if they have a larget budget or in the case of other remarketing systems - have a higher bid.

If I didn't run adblock I'd be getting tagged by all my client sites that I visit daily, and pretty much every other site online. And depending on what other sites I visit, I'd see some more than others - but mostly it would spread them out evenly.

Having a large retargeting base doesn't hugely help you. Having a more relevant targeting base is the key.

I'm fairly new to this community and LET/LEB - so I don't have the full backstory on everything, just bits and pieces that come up. I understand your point and concerns - just wanted to work out whether your qualm was with the technologies themselves or who is using them.

Re: privacy policy. I know Google is much more strict about these things compared to Adroll. It also depends on the physical location the site is hosted in and what their privacy laws are. In the US & Canada, where our clients are located, it's much more about the ad company's policies than legal problems. Looks like Adroll is going the "not our problem" route on this one.

 

[AnthonySmith]

this post made me want to start using adroll those servermania adverts 'seemed' to have incredible penetration, now I know why.

 

[MannDude]

Ah, now I know why I see their ads everywhere. Not sure if it's a direct violation of adroll's policy or not, but regardless, still a tad shady I think.

It'd be like me using vpsBoard to cookie stuff so when you sign up for digitalocean, I get a affiliate credit or something.

Though I guess the real question would be why is ServerMania obtaining access to unique and private forms of advertising not offered to others? The adroll 'partnership' (if you'd call it that) as well as the unique advertising spots only available to them and Colocrossing's own HudsonValleyHost. Not that it really matters, LET/LEB are privately owned sites but given the fact that ServerMania resells Colocrossing and Colocrossing only it seems a bit suspect. Business as usual though, of course they (CC) will be interested in seeing the brands who resell them grow more than others, it only makes sense as it all trickles up. That's nothing new. Just sucks for the other hosts who are trying to run a business who get less coverage because a provider owns that marketplace and has an interest in helping those who resell them grow and those only.

 

[mikeyur]

this post made me want to start using adroll those servermania adverts 'seemed' to have incredible penetration, now I know why.

It's a ridiculously effective advertising method, and I think Adroll's minimum is $20 or $25/week. I'm under the same username on the LES forum - shoot me an email if you want some help/advice on setup.

 

[Epidrive]

Now i know why i keep on seeing theirs ads everywhere, i thought I was just in their target audience.. Turns out to be more than that.

 

[tragic]

Now i know why i keep on seeing theirs ads everywhere, i thought I was just in their target audience.. Turns out to be more than that.

Makes two of us. Been seeing their ads blasted over Facebook as well.

 

[QuadraNet_Adam]

This is news to me, it's an effective and a creative way of marketing (I'll give them that), but not so ethical and if I am correct it violates AdRoll's policies.

You would think LEB/LET would stick this tracking code in their site to advertise/benefit for their parent company (ColoCrossing), but instead they are just doing it for one of their clients ServerMania? Unless things have changed since I last checked, and CC now owns ServerMania? Is SM more than just a client now? Please enlighten me, I honestly haven't been keeping up with that front.


EDIT: I just read that LEB/LET has been bugged with this code since July 2013. Hmm, that's interesting.

 

[MattKC]

Given colocrossings history of trying to hide acquisitions, and cvps's same tactic to avoid forum bans, it wouldn't surprise me in the least. Either that or SM offered the most dirty cash for the honor.

 

[Kris]

Again?  :lol:

http://bgp.he.net/AS55286

That's them. Single homed to ColoCrossing with WHOIS at the CC 'datacenter'  - 311,000+ IPs as of today. 

They've been the ColoCrossing IP collector brand (250k -> 300k) since mid-2013.

Guess that's when CC got their /14 and it was harder to get more IPs under that name at ARIN.  

 

[Munzy]

As per Enjen's Asn-blocklist ::

https://www.enjen.net/asn-blocklist/index.php?asn=36352&type=iplist

Buffalo ===================================

The test IP for server mania in Buffallo is from colocrossing's IP space.

http://www.servermania.com/newyork-datacenter.htm

198.12.69.74 => 198.12.68.0/23 (cc)

Los Angeles ================================

Once again test IP is in CC's network.

23.229.123.150 => 23.229.112.0/20 (cc)

Chicago ====================================

And again....

23.254.113.106 => 23.254.112.0/20 (cc)

Atlanta ====================================

... and by far the weirdest....!

192.157.59.250 => 192.157.56.0/22

Which is in the b2net space as per Enjen:: https://www.enjen.net/asn-blocklist/index.php?asn=AS55286&type=iplist

http://www.servermania.com/atlanta-datacenter.htm for more info.

Munzy

 

[Kris]

ASNumber: 55286
ASName: SERVER-MANIA
ASHandle: AS55286
RegDate: 2013-05-16
Updated: 2013-05-16

Under 18 months they've amassed 311,000+ IPs. Remember this when you're waiting weeks for your next /22. 

Add the special ad code (where they didn't go through BSA) and... not rocket science.