i just found out that this website had a Phoenix Exploit kit
Description: We detected an iframe or javascript that loads the Phoenix Exploit kit to compromise anyone visiting the web site. This type of malware is generally heavily encoded and hidden on javascript files or at the top of the HTML/PHP/ASP pages.
It is a massive campaign. Vulnerabilities include a PHP code execution bug and a persistent cross-site scripting flaw. They affect Wordpress versions 3.3.1 and later. Mentioned Wordpress site is being used to fool spam filters that look for known, malicious Web domain,