There are apparently some attack problems here: http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2Fhoteldiscountdeals.org%2F&useragent=Fetch+useragent&accept_encoding=
One a Vegur_400-Vegur_700.font.js attack → http://stackoverflow.com/questions/6127084/cufon-toggle-css-visibility-with-jquery-fails-only-in-ie8
link author = Scott B, also read: http://security.stackexchange.com/questions/23507/cufon-or-prototype-as-an-attack-vector-for-blackhole-exploit-kit
credit to link author in reply = Mario Awad → htxp://hoteldiscountdeals.org/wp-content/themes/hotel/js/Vegur_400-Vegur_700.font.js

See malware and payload here: http://sitecheck3.sucuri.net/results/hoteldiscountdeals.org/
http://labs.sucuri.net/db/malware/malware-entry-mwblacklisted35

Site hacked because of Web application version:
WordPress version: WordPress 3.3.1
Wordpress version from source: 3.3.1
Wordpress Version 3.3.2 based on: htxp://hoteldiscountdeals.org//wp-admin/js/common.js
WordPress theme: htxp://hoteldiscountdeals.org/wp-content/themes/hotel/
WordPress version outdated: Upgrade required.

IP badness history: https://www.virustotal.com/nl/ip-address/192.185.111.192/information/

polonus