A Day On The Dark Side Of …

Affiliate marketing… of course. Today: The dark side of SEO. Black-Hat Blog Trackback Spamming to be precise.
Trackback spam is annoying as comment or email spam, any spam actually and the worst spam is the exact same junk over and over and over again.

It’s bad enough to skim all this junk in the first place, but if you see the same time and again for months in the row you start building up some frustration and take it more and more personal. That’s at least how I feel about it.
This one for example:

The spammer promotes a tool called Keyword Elite which is a product by Brad Callen’s company SEO Elite. I sent Brad a nasty email back on December, 19th 2006 to cut down on the spam which I was seeing for several weeks already back then. I did not check much further and initially thought that he was engaged in it himself.

I have to apologize to him regarding that error of mine, but the rest of my message was valid and also provided the means to find out what the heck I was talking about. End of February are still the same spammers spam the same crap.

The best way to cut down on the frustration was for me to sit down and nail those SOB who did by now probably sent 100+ spam trackback my way. I did not like the packages and put them all in a nice box and herby delivery them back via “Return to sender – Postage also paid by sender”.

below are six of the used spam links which are all located on three different domains.




The urls won’t work if you copy and paste them into the browser address bar or from within a desktop email client. The homepage of the spam domain returns a 403, permission denied.

The full URL (with the sub directory) only redirects if the referrer shows a website. Not limited to websites that were spammed, any website in the HTTP referrer will do and trigger the hidden redirect.Here are the hops

1. www.keywordssearch.org/engine-google-keyword-result-search/
2. www.ezzstore.com/track/elite1/
3. clickerr.bryxen4.hop.clickbank.net
4. www.keywordelite.com/clickbank.php?hop=clickerr
5. www.keywordelite.com

1. is the spammers site and url that is visible in the trackback which redirects to a site that is invisible to the human eye at the domain ezzstore.com (2.)

Ezzstore.com redirects to Clickbank (3) who is probably not being able to see the original source of the traffic which might have triggered some suspicion and Clickbanks or Brad Callen’s end.

Clickbank redirects to KeywordElite with the affiliate id being passed and is then redirected to the KeywordElite homepage without the Affiliate ID in the URL. (5). A user will not see 2., 3. and 4. and only 1. and 5.

The benefiting affiliate account at Clickbank is: clickerr

Who is clickerr?
Who sent the trackbacks?

The spam trackbacks came always from the same IP. Back in December was it the same IP as it was in February:

The IP points to an ISP called QUICKPACKET, LLC located in Greer, South Carolina. The ISP offers all kinds of services from DSL over shared hosting to co-located hosting. See the ISP’s homepage at QUICKPACKET.NET for details.

IP is used by the domain easykeywords.org. I believe that it is a dedicated or co-located server. I will send an email to the ISP and it’s parent HOP with a link to this post.

IP is quite active in various niches

Chronic Yeast Infection remedy suggestion at www.stopyeastinfection.org/chronic-yeast-infection/ posted here

A Racing Game at www.gomyspacetools.org/myspace-online-multiplayer-game-codes/racing-game/ posted here

Specialty and Learning Toys at www.getmyspace.org/myspace-halo-videos/movies-videos/ posted here

and it goes on…

I followed up on the Clickbank Affiliate ID and started looking at the domains involved. All 7 Domains from the spammer are registered (unprotected) by a:

160 Kampong Ampat #05-03A/04
KA Place
Singapore (SG) 368 328
Email: infotainment (at) safe-mail (dot) net
Tel. +65.68582144

All 7 domains were registered in November 2006 for only 1 year (go figure).

Now a guy in Singapore with a server at an ISP in the US, using multiple sites to redirect and disguise the origin of traffic and not redirecting at all if the traffic did not get referred from a website to throw of people that might report the urls to automated systems that try to connect to the url to slowly timeout without getting anywhere and probably stop there.

He is smart enough to do all that, but forgets to spend a few dollars extra to protect his identity in the domain registration record?

Give me a break! That smells like a scapegoat to me, even 3 miles against the wind.

I did some cross checking of other information and stumbled across 3 sites that are interesting, Easyphonetone.com, Yourmyspacecenter.com and Affiliateprojectx.net. All three domains are registered to:

55 Abbey Road
Devon,TQ1 3QQ
GB (United Kingdom)
Tel. +044.1803229229
Email: mydomains (at) safe-mail (dot) net

Same free mailer for the email. I did not know that safe-mail.net is so popular. What’s with those domains? Okay.

This is a picture of the homepage of ezzstore.com

This is a picture of the homepage of Easyphonetone.com which happens to reside on the same Server and IP as ezztore.com (click image to enlarge).

Maybe it’s the standard image from the hosting provider. Okay, suspicious, but not enough. How about domain Yourmyspacecenter.com. See here one of the sub pages (click image to enlarge).

Here the details for the first link again and also the redirects. They are affiliate links and promote products from Advertisers at Clickbank. And guess what the affiliate ID is… right Clickerr.


I believe that T.Jones is also only little worker in the game, but the evidence gets thinner and more wide spread from here.

Mr/Mrs Jones promotes via Affiliateprojectx.net as affiliate a system called Project X which looks like perfect internet marketing scam to me. If you have $97 you don’t want anymore, burn it or spend it on Project X whichever will be more fun for you to waste money.

Also registered is an abandoned WordPress blog at Themasters2007.net with 7 friends in the blog roll which not all seem to be British or from Singapore.

The Yourmyspacecenter.com domain uses dingdonghost.com for the redirections and not ezzstore.com. dingdonghost.com is also a dns server with over 350 other dns records (probably sites).

If you go to dingdonghost.com, an interface for Simplified SE (Search Engine Content) by Simplified Web Systems at Simplifiedsec.com comes up, a service for $69 per month that does not look pure white hat to me. Simplifiedsec.com uses as DNS a server of the domain: SportCompactRacing.com which has over 4,300 dns entries.

SportCompactRacing.com itself has a shall we call it “active” history. It was in the news in 2005 for lifting content from AutoBlog.com, basically replicated the content almost entirely and the domain moved from one registrar to another for the 3 years prior the AutoBlog.com incident and became during that time quite popular with spam black lists.

All that might be coincidence, but it is funny how scum seems to attract scum, isn’t it.

I hope that the ISP, QUICKPACKET, will kill the spam server .

I also have a message for Brad Callen:

Revert any outstanding commission to Clickerr and notify Clickbank. You don’t need that kind of affiliates to promote your products. I put links up to your products and would have to reconsider this decision if you do not think that you should act on this. You have fans and evangelists of your products, like this blogger and customer of your product SEO Elite

The blog is full of love for you and your company. She (the blog owner) reports the progress made with the help of your tools in a nice journal. She posted about it at your support forum

Tell her to sign up for the affiliate program, replace the current blogroll links that link “Breast Pumps Information” and “Breastfeeding Daily Tip and News” with affiliate links to SEO Elite and Keyword Elite and tell her that she gets money for other people she sends your way. She would be a good affiliate of yours for sure. Spreading the love.

I hope the long and detailed (technical) excurse into the dark forces of affiliate marketing was interesting and showed the one or the other some tricks how to hunt down crocked affiliates. I am sure Wayne enjoyed it. Isn’t that very close to what you do for a living Wayne? 😉

About Carsten Cumbrowski

Internet Marketer, Entrepreneur and Blogger. To learn more about me and what I am doing, visit my website and check out the “about” section.

Twitter: ccumbrowski

6 Responses to A Day On The Dark Side Of …

  1. Good post. I have been dealing with something similar recently – also plugging into Brad Callen's software.

    I couldn't quite figure out the lack of affiliate id's in the URL. I know now though. I blogged about this also, but I have to hand it to you – you really did some digging. Well done. Just wish this type of crap would stop… *sigh*

  2. Dude – That was some seriously great work. I am always amazed when I read this kind of thing the effort that folks put into trying to keep the web untangled…


  3. Wayne Porter says:

    "I am sure Wayne enjoyed it. Isn't that very close to what you do for a living Wayne? ;)"

    Yes- similiar, Kellie of AffiliateFairPlay also dives into suhthings. I enjoyed the depth of your research very much and can appreciate how much time and effort goes into it. Bravo!


  4. johnny says:

    Seriously what a wste of your time. If you dont want trackback spam guess what DONT ALLOW TRACKBACKS.

  5. Johnny, trackback span is not what the post is about, but regarding trackbacks, since you mentioned it… you are not a blogger, don't you?

    This post of mine at SEJ is about trackback spam though. 🙂

  6. Another Day on the Darkside of …

    Another bad example of an affiliate that does not help to overcome the reputation problem of affiliate marketing. Deception and cheating does not get you anywhere except into trouble. Wake up folks!