It looks like tinyurl is now being abused by spammers the same way geocities was. I just got a porn spam using it.
The tiny URL resolves to: http://cover5.adultfriendfinder*MUNGED*.com/go/p239909.subyahtiny Which returns a HTML document pulling images and CSS from urls all at this site: http://graphics.pop6*MUNGED*.com/images/ffadult/outsource/beta2/ At casual glance it Looks like AFF is trying to outsource some of their marketing and used a spammer, pop6. However, Note that adultfriendfinder*MUNGED*.com and pop6*MUNGED*.com are both registered at the same address, just different suites, and pop6's NS records point None of the domains appear to be listed in SURBL or URIBL.com, and I can't find an active SBL or SPEWS on any of them.
