Avast detects: JS:ScriptXE-inf [Trj]
Trojans detected:
Object: -http://51shengyi.com/yp/web/?122/category-news.html
SHA1: 863f48dde56b338c800c6d93eec239633a86e813
Name: TrojWare.JS.Redirector.EBFE
Object: -http://www.51shengyi.com/data/config.js
SHA1: a0b5d08df87e9b8f0958412d265b3d98d1520f0d
Name: TrojWare.JS.Redirector.EBFE
Object: -http://www.51shengyi.com/images/js/jquery.min.js
SHA1: b0d1d475cbb678ad3d0bb7f2e3189d0c27a68bf9
Name: TrojWare.JS.Redirector.EBFE
Object: -http://www.51shengyi.com/images/js/jqModal.js
SHA1: 1b46de0946e17efd608fa19d6f08ae1360d6b544
Name: TrojWare.JS.Redirector.EBFE
Object:-http://www.51shengyi.com/images/js/Std_StranJF.Js
SHA1: fffcd0d0fc0b5799c689336b88fb3d60f06db00f
Name: TrojWare.JS.Redirector.EBFE
Object: -http://www.51shengyi.com/images/js/common.js
SHA1: 0ca733b4df14ff0c0d0b6904b6e586a69f80e09f
Name: TrojWare.JS.Redirector.EBFE
Object: -http://www.51shengyi.com/images/js/validator.js
SHA1: 0c89f54172824d905e5eb0c6e10ca4f52d89da5f
Name: TrojWare.JS.Redirector.EBFE
See: https://www.virustotal.com/nl/url/743eca52f45b1a38f934f19ebc5ba6d20e48ce1b5177a52bf3ccc9fed03a8014/analysis/1440075303/
23 malicious and 7 suspicious files: http://quttera.com/detailed_report/www.51shengyi.com
Known javascript malware. Details: http://labs.sucuri.net/db/malware/malware-entry-mwjs2368?v2
Read: http://stackoverflow.com/questions/22244180/struts-2-bug-gaining-root-access-to-server
Detected reference to malicious blacklisted domain wXw.51shengyi.com
Suspicious

[[\x73\x63\x72\x69\x70\x74]]  

polonus

What about this external link, see: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fs4.cnzz.com%2Fstat.php%3Fid%3D2841625%26web_id%3D2841625%26show%3Dpic"+language%3D"JavaScript"
Malicious? → https://www.virustotal.com/nl/url/7662f9512194e5d8fce86d207d6ffc2c3396fe7086e6f3704b39ad3677d67c8e/analysis/
See: http://www.diicode.com/code/msok659v-417003

polonus