Attackers will do desperate and obvious things to boost the views of their 'customers'.
On a daily basis we find different malicious redirects (some are very well hidden, others not so much).
The interesting part of this malicious redirect is that during each different execution, it redirects you to another website where another malicious script is hosted, and then you are redirected to the monetization platform which redirects you to a random porn website.
hxxp://infectedsite[.]dom/wp-content/js/js.html (compromised website used as jump point to the below URL)
The content of the js.html is this:
<meta http-equiv="refresh" content="0;URL=hxxp://portal-b[.]pw/X9DC2z"/>
After the next redirect, the shortened URL sends you to a malicious click monetization website:
And voila! You are redirected to a random porn website from their list and generating some cents for the attacker.
If your website has been infected and need some help cleaning it up, please let us know.