See:
http://killmalware.com/usurfer.com/#htxp://beacon-4.newrelic.com/1/41b3fabaf8?a=10889896&pl=1413645154014&v=460.9fd672a&to=MwYBZxFVDxdRV0VQXwpMNkEKG09OQFxB&be=380&fe=12581&dc=2031&f=%5B%5D&perf=%7B%22timing%22:%7B%22of%22:1413645154014,%22n%22:0,%22u%22:27,%22ue%22:38,%22dl%22:26,%22di%22:2205,%22ds%22:2341,%22de%22:2417,%22dc%22:12947,%22l%22:12957,%22le%22:12999,%22r%22:5,%22re%22:5,%22f%22:5,%22dn%22:5,%22dne%22:5,%22c%22:5,%22ce <span>...111 symbols skipped</span> is blocked by an extension in my google chrome browser.
As the URL in the code clearly says, this is code for the New Relic performance monitor. It gets inserted automatically by a PHP/Apache module as long as it's active on your server, this coming from the webhost
List of blacklisted external links: 2
htxp://2.bp.blogspot.com/-8l5smwxz7cs/tpxcvbfvooi/aaaaaaaace0/dewqisswjxc/s1600/2.jpg
htxp://2.bp.blogspot.com/_eec7gkv6jma/tmqdoztehhi/aaaaaaaac-8/vaaqurxxq4a/s320/ac130.jpg
List of referenced blacklisted domains/hosts: 1
-2.bp.blogspot.com
ISSUE DETECTED DEFINITION INFECTED URL
Defacement MW:DEFACED:01 htxp://usurfer.com
Defacement MW:DEFACED:01 htxp://usurfer.com/404javascript.js
Web site defaced. Details:
http://sucuri.net/malware/entry/MW:DEFACED:01<meta name="keywords" content="Hacked by TROJAN TN">
2 warnings at asafaweb:
https://asafaweb.com/Scan?Url=usurfer.comSecurity Headers:
https://www.uploady.com/download/lox7Hqw3Apq/z2MQcq5LSI0o2BreRe:
http://www.dnsinspect.com/usurfer.com/1423672415Suspicion of Defacement
meta name="keywords" content="hacked by trojan tn"> <meta name="description" content="hacked by trojan tn"> <script sr...
Also link to safa.ps (part of hack) negative web rep:
https://www.mywot.com/en/scorecard/safa.ps?utm_source=addon&utm_content=popuppolonus (volunteer website security analyst and website error-hunter)
