Blocked by WOT and webutation: http://www.webutation.net/go/review/consumertipsdaily.org?req=chrome
Flagged on many instances by VT: https://www.virustotal.com/nl/url/b03111c787aa4f11d6d546ce0b725c40c5cd4ff5a5e79b3c204c48607f07e77a/analysis/1383402944/
Phishing and other frauds, disease vector,spam according to http://urlquery.net/report.php?id=7390685
See IDS severity 1: http://doc.emergingthreats.net/bin/view/Main/2015878
Exploitable: http://www.cvedetails.com/vulnerability-list/vendor_id-74/product_id-128/version_id-142889/PHP-PHP-5.3.18.html
On redirect to htxps://wahinstitute.net/?t202kw=affi&sid=
I get these included scripts alerted:
Suspect - please check list for unknown includes
htxps://wahinstitute.net/js/jscripts-lib.php → http://jsunpack.jeek.org/?report=312c31a8a35696ee8de894542d5b3a2d42bf01be
htxps://wahinstitute.net/js/exitpop.php → http://jsunpack.jeek.org/?report=9ea65ead9320cd7fb07cea26617628bb0a3ba88c
(inserted on themes to go in footer.php)
Quttera comes up with 4 potentially suspicious -
//////////////
/program-available.php?
Severity: Potentially Suspicious
Reason: Detected procedure that is commonly used in suspicious activity.
Details: Too low entropy detected in string [[‘\nToday's Special 61% OFF Discount\n**************‘]] of length 702 which may point to obfuscation or shellcode.
Threatdump: http://jsunpack.jeek.org/?report=4a7af539e48544a01b10bffa58f2ef4b01a41c38
//////////////////index.html
Severity: Potentially Suspicious
Reason: Detected procedure that is commonly used in suspicious activity.
Details: Too low entropy detected in string [[’\n Today's Special 50% OFF Discount\n ‘]] of length 673 which may point to obfuscation or shellcode.
Threatdump: http://jsunpack.jeek.org/?report=f77ab01654159005e491269a38c69d2ede45ab1c
//////////////////
/1/program-available.php?
Severity: Potentially Suspicious
Reason: Detected procedure that is commonly used in suspicious activity.
Details: Too low entropy detected in string [[’\nToday's Special 61% OFF Discount\n**************‘]] of length 702 which may point to obfuscation or shellcode.
Threatdump: http://jsunpack.jeek.org/?report=02093071d935edafa73e92a56b034a3bb3ffde6e
//////////////////////////////////////
/#
Severity: Potentially Suspicious
Reason: Detected procedure that is commonly used in suspicious activity.
Details: Too low entropy detected in string [[’*************\n Today's Special 50% OFF Discount\n *************’]] of length 673 which may point to obfuscation or shellcode.
Threatdump: http://jsunpack.jeek.org/?report=0c8955ce6fa3389079f56beb15d73b033354ce67
pol
Pondus
3
Hi Pondus,
Hey, thanks 
That is a valuable precision for those that will alert this via the WOT webrep reports!
pol
Pondus
5
and those listed at PhishTank are blocked by openDNS