My friend tu_ma_max2 was recently frozen because of suspicious activity. She has contacted me saying it was a cg embedded in the coding. More proof this is a MAJOR problem.

Dose anyone have a list of sites it's been hosted from? I ask because using RequestPolicy I'm only allowing image hosting sites I know, but even that's not a guarantee. Then again, I'd like to know IF any popular hosts have been used in this way, or if it's all lame little 3rd party sites that I won't mind blocking everything from?