RUM (Real User Monitoring) JS code in website

Question

I suddenly discovered some weird code in my websites:

<script type="text/javascript">var NREUMQ=NREUMQ||[];NREUMQ.push(["mark","firstbyte",new Date().getTime()]);</script>

But I never implemented this in my code and suddenly it's there.

Is there any way this has been hacked some way into my website? Or what can cause this weird code?

UPDATE:

I just deleted all my code and added an index.php file with these contents:

<html>
<head>
</head>
<body>
test
</body>
</html>

When I look in the source, the following code is shown:

<html>
<head>
<script type="text/javascript">var NREUMQ=NREUMQ||[];NREUMQ.push(["mark","firstbyte",new Date().getTime()]);</script>
</head>
<body>
test
<script type="text/javascript">if(!NREUMQ.f){NREUMQ.f=function(){NREUMQ.push(["load",new Date().getTime()]);var e=document.createElement("script");e.type="text/javascript";e.src=(("http:"===document.location.protocol)?"http:":"https:")+"//"+"d1ros97qkrwjf5.cloudfront.net/42/eum/rum.js";document.body.appendChild(e);if(NREUMQ.a)NREUMQ.a();};NREUMQ.a=window.onload;window.onload=NREUMQ.f;};NREUMQ.push(["nrfj","beacon-3.newrelic.com","0320653fc3","2194086","YAFRYxcHXUYCBUdQWVlLZkUMSVpbBwNLF0ZfFA==",0,1,new Date().getTime(),"","","","",""]);</script>
</body>
</html>

UPDATE 2:

What I have tried so far:

• deleted all my files and just added a php file with a simple html layout
• copied all my webspace files to my local dir: THE SCRIPT IS GONE!
• disabled all kind of services in the control panel of my host
• My webhost says they don't put code in webfiles, but it seems they do because I can not think of any other scenario to try. I also tracked other websites hosted via this company and a lot of websites have the code in their source too!

Answer 1

It's part of New Relic's Real User Monitoring feature (either you or your host have installed New Relic on your server).

The JavaScript injected for Real User Monitoring collects timing information in the browser that contains details to identify the specific app and the web transaction processed on the backend, as well as how time was spent in the app for each request. When a page completes loading in an end user’s browser, RUM sends the information back to New Relic asynchronously, so it doesn’t affect page load time. RUM uses the IP address to resolve the geographic location of each request.

https://newrelic.com/docs/features/how-does-real-user-monitoring-work