In Google Chrome avast! Web Shield detected this infection on: htxp://www.centrum-sangoma.nl/…button_lezingen.jpg
Site was probably hacked because of an outdated Joomla version. See: http://sitecheck.sucuri.net/results/www.centrum-sangoma.nl
Malware on site: http://labs.sucuri.net/db/malware/php-error-fatal-error
IP is flagged on PHISH-Tank.
Zscaler misses this altogether, reported there.
Read on the malware attack: http://www.zyenweb.com/2009/12/30/trojan-attack-jsillredir-b-trj/
Script to remove it: http://crafts.hopmart.pl/files/remove-js-illredir-b.php.tar.gz (credits go to Mike from hopmart dot pl)

polonus