I recently started having issues with the admin interface of a website I run and decided to check the browser console to see if any errors were being displayed there. There were and among them was an error stating that a JavaScript map file being loaded (and failing) that I did not recognise. This meant that the actual JavaScript file itself was already loaded via my website. This set off all sorts of alarms for me and I started to dig in further. I checked the file system for any suspicious files, there were none. I checked the source code and templates for evidence of anything that has been added, there was nothing there. Yet all my pages were being served with the following <script> injected into them just before the closing </html> tag... JavaScript <script>'undefined'=== typeof _trfq || (window._trfq = []);'undefined'=== typeof _trfd && (window._trfd=[]),_trfd.push({'tccl.baseHost':'secureserver.net'}),_trfd.push({'ap':'cpsh'},{'server':'xxxxxxxx0000'}) // Monitoring performance to make your website faster. If you want to opt-out, please contact web hosting support.</script><script src='https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js'></script>
from
https://managewp.org/articles/18303/godaddy-is-sneakily-injecting-javascript-into-your-website-and-how-to-stop-it